-
Type:
Suggestion
-
Resolution: Unresolved
-
None
-
Component/s: Web Interface - AUI
-
None
-
3
-
11
If a request to the Webserver is sent with an URL containing wrong characters or with invalid objects, a stack-trace may be returned as response and be exhibited in the User Interface.
Examples
For a request sent to the Webserver with an URL containing wrong characters, the following stack-trace is shown in the UI:
HTTP Request GET /plugins/servlet/samlsso?redirectTo=-"www.ernw.de HTTP/1.1 Host: confluence.mbusa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Upgrade-Insecure-Requests: 1 HTTP Response HTTP/1.1 400 [...] [...]<body><h1>HTTP Status 400 – Bad Request</h1><hr class="line" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467) org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294) org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.lang.Thread.run(Thread.java:745) </pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class="line" /></body></html>
Another stack-trace is resulted by sending invalid JSON object as shown below:
HTTP Request
POST /rest/analytics/1.0/publish/bulk HTTP/1.1 Host: confluence.mbusa.com [...] [{"name":""',"properties":
{"pageID":"'","editorVersion":"0.423"}
,"timeDelta":469}]
HTTP Response
HTTP/1.1 500 Date: Tue, 19 Nov 2019 17:28:18 GMT Content-Type: application/json Connection: close Set-Cookie: AWSALB=h5zcbuitaOqElv0b2vKP9sFVWxe2x5i+6JyHuzYbChFsm/j1eA0t+5QJcUOS5vn5xLOH6XpfrqHy3zn4+/SbaN53ebYa9rKhtBbGUHfNWvtMMkiwRXJPAWmypp/5; Expires=Tue, 26 Nov 2019 17:28:18 GMT; Path=/ X-ASEN: SEN-L14006162 X-Confluence-Cluster-Node: 361376a9 X-Confluence-Cluster-Node-Name: Beta X-Content-Type-Options: nosniff Vary: User-Agent Content-Length: 33106 {"message":"Unexpected character (''' (code 39)): was expecting comma to separate OBJECT entries\n at [Source: org.apache.catalina.connector.CoyoteInputStream@3bd2df3; line: 1, column: 13]","status-code":500,"stack-trace":"org.codehaus.jackson.JsonParseException: Unexpected character (''' (code 39)): was expecting comma to separate OBJECT entries\n at [Source: org.apache.catalina.connector.CoyoteInputStream@3bd2df3; line: 1, column: 13]\n\tat org.codehaus.jackson.JsonParser._constructError(JsonParser.java:1433)\n\tat org.codehaus.jackson.impl.JsonParserMinimalBase._reportError(JsonParserMinimalBase.java:521)\n\tat org.codehaus.jackson.impl.JsonParserMinimalBase._reportUnexpectedChar(JsonParserMinimalBase.java:442)\n\tat org.codehaus.jackson.impl.Utf8StreamParser.nextToken(Utf8StreamParser.java:482)\n\tat org.codehaus.jackson.map.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:690)\n\tat org.codehaus.jackson.map.deser.BeanDeserializer.deserialize(BeanDeserializer.java:580)\n\tat org.codehaus.jackson.map.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:217)\n\tat org.codehaus.jackson.map.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:194)\n\tat org.codehaus.jackson.map.deser.std.CollectionDeserializer.deserialize(CollectionDeserializer.java:30)\n\tat org.codehaus.jackson.map.ObjectMapper._readValue(ObjectMapper.java:2704)\n\tat org.codehaus.jackson.map.ObjectMapper.readValue(ObjectMapper.java:1315)\n\tat org.codehaus.jackson.jaxrs.JacksonJsonProvider.readFrom(JacksonJsonProvider.java:419)\n\tat com.sun.jersey.spi.container.ContainerRequest.getEntity(ContainerRequest.java:490)\n\tat
com.sun.jersey.spi.container.AdaptingContainerRequest.getEntity(AdaptingContainerRequest.java:236)\n\tat com.sun.jersey.server.impl.model.method.dispatch.EntityParamDispatchProvider$EntityInjectable.getValue(EntityParamDispatchProvider.java:123)\n\tat com.sun.jersey.server.impl.inject.InjectableValuesProvider.getInjectableValues(InjectableValuesProvider.java:86)\n\tat com.atlassian.plugins.rest.common.interceptor.impl.DispatchProviderHelper$EntityParamInInvoker.getParams(DispatchProviderHelper.java:133)\n\tat com.atlassian.plugins.rest.common.interceptor.impl.DispatchProviderHelper$ResponseOutInvoker._dispatch(DispatchProviderHelper.java:188)\n\tat com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)\n\tat com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)\n\tat com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)\n\tat
[...]
Request
A way to keep these stack-traces from wrong requests hidden from the UI, so users don't need to see them at all.
A friendly message could be exhibited instead in order to indicate something went wrong