You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "Jan Riehn (JIRA)" <ji...@apache.org> on 2013/02/11 17:03:13 UTC
[jira] [Comment Edited] (WICKET-4803) Unwrapped
IllegalArgumentException in WicketURLDecoder
[ https://issues.apache.org/jira/browse/WICKET-4803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13575858#comment-13575858 ]
Jan Riehn edited comment on WICKET-4803 at 2/11/13 4:02 PM:
------------------------------------------------------------
Hej Martin,
maybe the problem is not well demonstrated. this issue can be reconstructed using the wicket 1.5.9 quickstart [http://wicket.apache.org/start/quickstart.html]. An invalid request like "http://localhost:8080/?%%%" throws the following exception:
java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "%%"
at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:162)
at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:76)
at org.apache.wicket.request.Url.decodeParameter(Url.java:601)
at org.apache.wicket.request.Url.parseQueryParameter(Url.java:104)
at org.apache.wicket.request.Url.parse(Url.java:243)
at org.apache.wicket.protocol.http.servlet.ServletWebRequest.getContextRelativeUrl(ServletWebRequest.java:222)
at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:126)
at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:83)
at org.apache.wicket.protocol.http.WebApplication.newWebRequest(WebApplication.java:413)
at org.apache.wicket.protocol.http.WebApplication.createWebRequest(WebApplication.java:458)
at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:183)
at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:244)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:904)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:565)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:217)
at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:50)
at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:245)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
at java.lang.Thread.run(Unknown Source)
Is there any advice on how to handle such invalid requests?
was (Author: jriehn):
Hej Martin,
maybe the problem is not well demonstrated. this issue can be reconstructed using the wicket 1.5.9 quickstart [http://wicket.apache.org/start/quickstart.html]. An invalid request like "http://localhost:8080/?%%%" throws the following exception:
java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "%%"
at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:162)
at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:76)
at org.apache.wicket.request.Url.decodeParameter(Url.java:601)
at org.apache.wicket.request.Url.parseQueryParameter(Url.java:104)
at org.apache.wicket.request.Url.parse(Url.java:243)
at org.apache.wicket.protocol.http.servlet.ServletWebRequest.getContextRelativeUrl(ServletWebRequest.java:222)
at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:126)
at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:83)
at org.apache.wicket.protocol.http.WebApplication.newWebRequest(WebApplication.java:413)
at org.apache.wicket.protocol.http.WebApplication.createWebRequest(WebApplication.java:458)
at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:183)
at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:244)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:904)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:565)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:217)
at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:50)
at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:245)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
at java.lang.Thread.run(Unknown Source)
Is there any advice on how to handle such invalid request?
> Unwrapped IllegalArgumentException in WicketURLDecoder
> ------------------------------------------------------
>
> Key: WICKET-4803
> URL: https://issues.apache.org/jira/browse/WICKET-4803
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.8
> Reporter: Johan Heylen
> Priority: Minor
> Attachments: WICKET-4803-quickstart-testcase-and-example.zip
>
>
> In the class: org.apache.wicket.protocol.http.WicketURLDecoder there are two IllegalArgumentException which should be wrapped in WicketRuntimeException, otherwise they are caught by the exception handler form the servlet container (jetty, tomcat, ...) which then uses their http 500 error code configuration instead of the exception handling of wicket.
> Wrapping them would be good for consistency and help manage runtime exceptions.
> These are the two exceptions:
> throw new IllegalArgumentException("URLDecoder: Incomplete trailing escape (%) pattern");
> throw new IllegalArgumentException("URLDecoder: Illegal hex characters in escape (%) pattern - " + e.getMessage());
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira