|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 3359 | minor | always | 02-26-09 15:51 | 03-02-09 10:22 | |
|
|
|||||
| Reporter: | ferg | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | 3.1.6 | ||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 3.1.8 | ||
|
|
|||||
| Summary: | 0003359: stack trace not wanted | ||||
| Description: |
(rep by Vinod Mehra) I had an email exchange with you regarding this in the past, but I lost that email. Anyway we didn't find a solution at that time. Did you happen to file a bug for this? We would like to suppress this and give a better error page because the stack trace reveals the app server and version info. Which is a security concern. Here are couple of urls for which it shows up: http://developer.foo.com/....../ [^] [show] The request contains an illegal URL. com.caucho.server.dispatch.BadRequestException: The request contains an illegal URL. at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:385) at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:328) at com.caucho.server.dispatch.InvocationDecoder.splitQueryAndUnescape(InvocationDecoder.java:239) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:249) at com.caucho.server.port.TcpConnection.run(TcpConnection.java:678) at com.caucho.util.ThreadPool$Item.runTasks(ThreadPool.java:721) at com.caucho.util.ThreadPool$Item.run(ThreadPool.java:643) at java.lang.Thread.run(Thread.java:595) If a URL has over 1056 characters, a resin error page is displayed. http://developer.foo.com/aaaaaa [^] <snipped long url> The request contains an illegal URL. [show] The request contains an illegal URL. com.caucho.server.dispatch.BadRequestException: The request contains an illegal URL. at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:345) at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:328) at com.caucho.server.dispatch.InvocationDecoder.splitQueryAndUnescape(InvocationDecoder.java:239) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:249) at com.caucho.server.port.TcpConnection.run(TcpConnection.java:678) at com.caucho.util.ThreadPool$Item.runTasks(ThreadPool.java:721) at com.caucho.util.ThreadPool$Item.run(ThreadPool.java:643) at java.lang.Thread.run(Thread.java:595) Since BadRequestException is thrown outside the webapp context the error handlers in the app do not get a chance to handle it. Is it possible to invoke the error handler for the default webapp so that it gets a chance to handle it? Another option will be to have a provision for server wide error handlers. |
||||
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
| There are no notes attached to this issue. |