Issue Summary

In Confluence 9, webhooks do not preserve URL encoding after being triggered, causing potential failures in processing by external services.

Steps to Reproduce

• Upgrade to, or performa clean installation of, Confluence 10.0.0

• Configure a webhook with a URL containing the %3D characters.
  Example:

  https://webhook.site/87749b79-cde2-4add-91da-4538b46f01ec/TOKEN=%3D 

• Trigger the webhook to send a request.

Expected Results

The webhook request should preserve URL encoding in the query parameters, resulting in a correctly formatted URL:

POST /87749b79-cde2-4add-91da-4538b46f01ec/TOKEN=%3D?

Actual Results

In Confluence 9 and later, the webhook request does not preserve URL encoding, resulting in an incorrect URL:

POST /87749b79-cde2-4add-91da-4538b46f01ec/TOKEN== HTTP/1.1

This bug affects the functionality of webhooks that rely on special characters being URL-encoded, potentially leading to authentication failures and disruptions in integrations with external services.

Workaround

Try one of the following workarounds to address the issue:

1. Secure admin webhooks: Use this feature to avoid passing security tokens via URLs.
2. Re-generate tokens: Generate new tokens until they don't contain problematic characters like `%3D`.
3. Outbound HTTP/S proxy: Use a network proxy to re-write webhook URLs for proper encoding.

These options provide temporary solutions until a permanent fix is available.