Uploaded image for project: 'Repose'
  1. REP-7310

HERP Query Parameter Decoding Throws IllegalArgumentException

    Details

    • Type: Bug
    • Status: Resolved (View workflow)
    • Priority: Medium
    • Resolution: Done
    • Affects versions: None
    • Fix versions: 9.0.0.0
    • Components: None
    • Labels:
      None
    • Sprint:
      Sprint 182 (Dec 6 – Jan 16)
    • Story Points:
      2
    • Capitalizable:
      True

      Description

      When processing request query parameters to be logged, the HERP filter attempts to URL decode the key and value(s) of each parameter. This is done so that human-readable characters are logged rather than hex-encoded characters. However, it appears that query parameters are decoded by the servlet container prior to when the HERP filter can process them. As a result, the HERP filter tries to decode query parameters for a second time, which causes an issue if the % character was originally encoded. That is, if the HERP filter tries to decode a query parameter that has already been decoded and contains the % character after decoding, it will throw an exception.

      If the servlet container is decoding the query parameters, does the HERP filter need to?

      We need to verify that the container is decoding the query parameters and then remove the decoding logic in the HERP.

      Acceptance Criteria

      • HERP is able to log encoded values in the query parameters.

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                damien.johnson Damien Johnson
                Reporter:
                damien.johnson Damien Johnson
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: