[jboss-jira] [JBoss JIRA] (WFLY-9724) Undertow does not allow UTF-8 characters in URLs
Kabir Khan (JIRA)
issues at jboss.org
Tue Mar 20 06:38:00 EDT 2018
[ https://issues.jboss.org/browse/WFLY-9724?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kabir Khan updated WFLY-9724:
-----------------------------
Issue Type: Feature Request (was: Bug)
> Undertow does not allow UTF-8 characters in URLs
> ------------------------------------------------
>
> Key: WFLY-9724
> URL: https://issues.jboss.org/browse/WFLY-9724
> Project: WildFly
> Issue Type: Feature Request
> Components: Web (Undertow)
> Reporter: Stuart Douglas
> Assignee: Stuart Douglas
> Labels: downstream_dependency, qe-pre-ack
>
> We receive a 400 response code if using UTF-8 characters for a request, due to this check:
> https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/server/protocol/http/HttpRequestParser.java#L375
> This was introduced in UNDERTOW-1101. We want to understand why it is necessary for the CVE/CWE regarding request smuggling, but this ticket is to at least make this check optional as it goes against the URL_ENCODING UndertowOption when set to UTF-8 (default).
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list