Cool, thanks.  I actually found that online after posting but for the life of me couldn't figure out how to reply to my own topic on the mailing list since you don't get Emailed for your own post and the web site doesn't seem to have posting capabilities.  

On a related note, hjave you considered switching to Google Groups or something?  The JBoss lists are seriously outdated.  Like in an embarrassing way :)

Thanks!

~Brad

Developer Advocate
Ortus Solutions, Corp 

ColdBox Platform: http://www.coldbox.org 



On Thu, Jul 12, 2018 at 6:24 PM Stuart Douglas <sdouglas@redhat.com> wrote:
The io.undertow.UndertowOptions#ALLOW_UNESCAPED_CHARACTERS_IN_URL option allows you to control this.

Stuart

On Fri, Jul 13, 2018 at 2:23 AM Brad Wood <bdw429s@gmail.com> wrote:
I just had a user who updated to the latest version of my Undertow-powered server report an error when his query string contained unencoded pipe characters.  (error at the bottom) This didn't happen in older versions but appears to be a valid check.  In this case, my user has no control over the URL that's being sent to his site as it comes from a Microsoft Office365 app that opens a popup window to one of his URLs for authentication.  It looks like this:


I have a feeling this is "working as designed" but is there a way to relax the validation here as he has no control over this URL and it is a hard stop for him?

[DEBUG] io.undertow.request.io: UT005014: Failed to parse request
io.undertow.util.BadRequestException: UT000165: Invalid character | in request-target
        at io.undertow.server.protocol.http.HttpRequestParser.handleQueryParameters(HttpRequestParser.java:523)
        at io.undertow.server.protocol.http.HttpRequestParser.beginQueryParameters(HttpRequestParser.java:486)
        at io.undertow.server.protocol.http.HttpRequestParser.handlePath(HttpRequestParser.java:410)
        at io.undertow.server.protocol.http.HttpRequestParser.handle(HttpRequestParser.java:248)
        at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:187)
        at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:136)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:151)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:92)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:51)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.nio.QueuedNioTcpServer$1.run(QueuedNioTcpServer.java:129)
        at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:582)
        at org.xnio.nio.WorkerThread.run(WorkerThread.java:466)

Thanks!

~Brad

Developer Advocate
Ortus Solutions, Corp 

ColdBox Platform: http://www.coldbox.org 

_______________________________________________
undertow-dev mailing list
undertow-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/undertow-dev