-
Bug
-
Resolution: Fixed
-
High
-
6.12.2, 6.15.6, 6.15.7
-
16
-
Severity 3 - Minor
-
94
-
Summary
Doing certain actions on newer versions of Confluence which contains newer versions of tomcat, will results with 400 - Bad Request Invalid character found in the request target error message
Steps to replicate #1 - Subscribing to RSS feeds
- On any space, go to Space Tools > Content Tools > RSS Feed
- Alternatively, go to <base_URL>/spaces/listrssfeeds.action?key=<space_key>
- Click on any links: Pages, Blog, Mail, Comments, Attachments, All Content
- Expected Results: Prompts for RSS file
Steps to replicate #2 - Clicking the "Go to included page" option in Excerpt Include macro when page contains square bracket
- Create page A which contains square brackets in the page title for example: "Page with [square] brackets"
- Create page B.
- Add Excerpt Include macro and point it to the page A
- Save the Page B, Edit mode for page B
- Click on Excerpt macro and then navigate to "Go to Included Page" button
- Expected Results: Page A "Page with [square] brackets" will be opened
Actual Results
Following error is returned in the UI:
HTTP Status 400 – Bad Request Type Exception Report Message Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). Exception java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467) org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294) org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.lang.Thread.run(Thread.java:748) Note The full stack trace of the root cause is available in the server logs.
Notes
The Apache Tomcat server, which is a web server used by Confluence, is filtering out requests that contain special characters. That’s because Tomcat is using a different encoding and URI standard than most browsers.
See also Apache Tomcat 8.5 http docs for more details:
relaxedPathChars:
The HTTP/1.1 specification requires that certain characters are %nn encoded when used in URI paths. Unfortunately, many user agents including all the major browsers are not compliant with this specification and use these characters in unencoded form. To prevent Tomcat rejecting such requests, this attribute may be used to specify the additional characters to allow. If not specified, no additional characters will be allowed. The value may be any combination of the following characters:
" < > [ \ ] ^ ` { | }. Any other characters present in the value will be ignored.
Workaround
Specify tomcat to allow the special characters. For the above issues, we only need to allow the comma "," character.
- Go to <confluence_install>/conf, backup, and edit the server.xml file.
- Find all connectors your application is using. Just search for Connector in the file, or look at the example below. You're interested only in connectors whose protocol is set to HTTP and HTTPS (not AJP).
- Add relaxedQueryChars="[,]" to the connector properties in server.xml. For example:
<Connector port="26156" connectionTimeout="20000" redirectPort="8443" maxThreads="48" minSpareThreads="10" enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8" relaxedQueryChars="[,]" protocol="org.apache.coyote.http11.Http11NioProtocol"/>
- If the above workaround does not work, try specifying the other characters by adding the following in server.xml instead:
relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
- If the above workaround does not work, try specifying the other characters by adding the following in server.xml instead:
- Restart Confluence
- is duplicated by
-
-
- Closed
-
- relates to
-
-
- Long Term Backlog
-
[CONFSERVER-57582] Later version of Tomcat hit into "Invalid character found in the request target" when subscribing to RSS feeds
I installed Confluence 7.0.1.
However, this issue was not resolved.
workaround applied.
A fix for this issue is available to Server and Data Center customers in Confluence 7.0.1
Upgrade now or check out the Release Notes to see what other issues are resolved.
Hi everyone,
This bug was introduced in Confluence when we upgraded the tomcat version bundled in Confluence to a newer version of tomcat, which results with Tomcat rejecting certain characters. I have updated more information on the root cause of the issue in the description part of this bug, hope this gives a bit of a background of the issue.
claus.westerkamp@raytion.com, leslie5, I can confirm that the workaround specified works. Were you able to try the workaround mentioned by andreas.gaertner1 instead?
add following lines to the server.xml in the connector section:
relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
If you're still having problems and would like a hand, please reach out to us at https://support.atlassian.com, and we'll be happy to help you sort this out!
Cheers,
Monique
Also affected:
Apache Tomcat/9.0.12
Confluence 6.14.2
Workaround according to CSP-255199 which I opened yesterday tells us to - like for JIRA - add following lines to the server.xml in the connector section:
relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
Months later. No change in issue status. Doesn't work for me either.
And the popup says "Get updates, inspiration and best practices from the team behind Jira." Seriously? You must be kidding
problem remains with
Message Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
my server.xml
<Connector port="8210"
connectionTimeout="20000"
redirectPort="8443"
maxThreads="48"
minSpareThreads="10"
enableLookups="false"
acceptCount="10"
debug="0"
URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
relaxedQueryChars="[,]"
scheme="https"
secure="true"
proxyName="dev"
proxyPort="443"/>
I wanted to share my experience with this issue on confluence with the community. In my case I created a page on confluence which had a pipe character '|' without quotes of course in the page title.
I'm just a user of confluence and do not have any kind of admin privileges on the confluence space, confluence installation or the infrastructure on which confluence has been installed. And that was the big limitation that i was facing because i had to publish my page (which i took 60 mins to create) quickly to a bunch of stakeholders and I couldn't afford to raise a ticket to the confluence admin team to troubleshoot.
It appears that confluence uses page title to create the http request. And thats where Apache was complaining because pipe is treated as a special character by Apache. As you would all know that once you get to this state it is impossible to get to edit the page, forget about displaying the page.
My workaround was that I was able to access my browser history and one of the links pointed to opening the page in edit mode. I was able to do that, removed the pipe character from the page title and it fixed everything. I know this is not a solution but it really saved me the trouble of reaching out to admins.