Java Web Service keeps encoding on local machine, converts on development










-1















I have this strange issue that I am hoping someone has some experience with and can help me out.



I have a tomcat installation on my computer that I use to run things locally when I need to, but then I will publish it to a development box for testing. However, the URL encoding is behaving differently.



For instance, the HTTP verb looks like this (in postman, removed irrelevant rest of URL)



DELETE .../AAASnsAATAALI%2F5AAK/20181114110451


On my local machine I see this in the localhost_access_log:



"DELETE ../AAASnsAATAALI%2F5AAK/20181114110451 HTTP/1.1" 400


(I am expecting the 400. I have learned about the org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true that I need to set thanks to StackOverflow, when I do that everything works fine)



However, I see this in the localhost_access_log on the development machine:



 "DELETE ../AAASnsAATAALI/5AAK/20181114110451 HTTP/1.1" 404 1008


Which of course I am getting the 404 because something is converting that %2F to the / causing my URL path to be wrong.



I'm confused as to what may be different between my machine and the development machine. I don't think this could be tomcat as I'm pretty sure I just have the out of the box installs (I compared my catalina.properties and they are the same). Could this be something in IIS that is causing this on the development box? I've been scratching my head on this one for a while now, so I am hoping there is someone out there who has had this happen to them.



Any guidance appreciated.



EDIT:



I have recently discovered that if I make the service call directly referencing tomcat as opposed to using the intranet URL I was provided I get the expected 400 error. So I feel there has to be a setting for the intranet site that needs to be changed. I am going through it now, but have no experience with it.










share|improve this question




























    -1















    I have this strange issue that I am hoping someone has some experience with and can help me out.



    I have a tomcat installation on my computer that I use to run things locally when I need to, but then I will publish it to a development box for testing. However, the URL encoding is behaving differently.



    For instance, the HTTP verb looks like this (in postman, removed irrelevant rest of URL)



    DELETE .../AAASnsAATAALI%2F5AAK/20181114110451


    On my local machine I see this in the localhost_access_log:



    "DELETE ../AAASnsAATAALI%2F5AAK/20181114110451 HTTP/1.1" 400


    (I am expecting the 400. I have learned about the org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true that I need to set thanks to StackOverflow, when I do that everything works fine)



    However, I see this in the localhost_access_log on the development machine:



     "DELETE ../AAASnsAATAALI/5AAK/20181114110451 HTTP/1.1" 404 1008


    Which of course I am getting the 404 because something is converting that %2F to the / causing my URL path to be wrong.



    I'm confused as to what may be different between my machine and the development machine. I don't think this could be tomcat as I'm pretty sure I just have the out of the box installs (I compared my catalina.properties and they are the same). Could this be something in IIS that is causing this on the development box? I've been scratching my head on this one for a while now, so I am hoping there is someone out there who has had this happen to them.



    Any guidance appreciated.



    EDIT:



    I have recently discovered that if I make the service call directly referencing tomcat as opposed to using the intranet URL I was provided I get the expected 400 error. So I feel there has to be a setting for the intranet site that needs to be changed. I am going through it now, but have no experience with it.










    share|improve this question


























      -1












      -1








      -1








      I have this strange issue that I am hoping someone has some experience with and can help me out.



      I have a tomcat installation on my computer that I use to run things locally when I need to, but then I will publish it to a development box for testing. However, the URL encoding is behaving differently.



      For instance, the HTTP verb looks like this (in postman, removed irrelevant rest of URL)



      DELETE .../AAASnsAATAALI%2F5AAK/20181114110451


      On my local machine I see this in the localhost_access_log:



      "DELETE ../AAASnsAATAALI%2F5AAK/20181114110451 HTTP/1.1" 400


      (I am expecting the 400. I have learned about the org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true that I need to set thanks to StackOverflow, when I do that everything works fine)



      However, I see this in the localhost_access_log on the development machine:



       "DELETE ../AAASnsAATAALI/5AAK/20181114110451 HTTP/1.1" 404 1008


      Which of course I am getting the 404 because something is converting that %2F to the / causing my URL path to be wrong.



      I'm confused as to what may be different between my machine and the development machine. I don't think this could be tomcat as I'm pretty sure I just have the out of the box installs (I compared my catalina.properties and they are the same). Could this be something in IIS that is causing this on the development box? I've been scratching my head on this one for a while now, so I am hoping there is someone out there who has had this happen to them.



      Any guidance appreciated.



      EDIT:



      I have recently discovered that if I make the service call directly referencing tomcat as opposed to using the intranet URL I was provided I get the expected 400 error. So I feel there has to be a setting for the intranet site that needs to be changed. I am going through it now, but have no experience with it.










      share|improve this question
















      I have this strange issue that I am hoping someone has some experience with and can help me out.



      I have a tomcat installation on my computer that I use to run things locally when I need to, but then I will publish it to a development box for testing. However, the URL encoding is behaving differently.



      For instance, the HTTP verb looks like this (in postman, removed irrelevant rest of URL)



      DELETE .../AAASnsAATAALI%2F5AAK/20181114110451


      On my local machine I see this in the localhost_access_log:



      "DELETE ../AAASnsAATAALI%2F5AAK/20181114110451 HTTP/1.1" 400


      (I am expecting the 400. I have learned about the org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true that I need to set thanks to StackOverflow, when I do that everything works fine)



      However, I see this in the localhost_access_log on the development machine:



       "DELETE ../AAASnsAATAALI/5AAK/20181114110451 HTTP/1.1" 404 1008


      Which of course I am getting the 404 because something is converting that %2F to the / causing my URL path to be wrong.



      I'm confused as to what may be different between my machine and the development machine. I don't think this could be tomcat as I'm pretty sure I just have the out of the box installs (I compared my catalina.properties and they are the same). Could this be something in IIS that is causing this on the development box? I've been scratching my head on this one for a while now, so I am hoping there is someone out there who has had this happen to them.



      Any guidance appreciated.



      EDIT:



      I have recently discovered that if I make the service call directly referencing tomcat as opposed to using the intranet URL I was provided I get the expected 400 error. So I feel there has to be a setting for the intranet site that needs to be changed. I am going through it now, but have no experience with it.







      java web-services tomcat






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 16 '18 at 15:09







      Derek Hansen

















      asked Nov 15 '18 at 22:28









      Derek HansenDerek Hansen

      73




      73






















          1 Answer
          1






          active

          oldest

          votes


















          0














          So in case anyone runs into this I have been able to figure out the solution through much trial and error.



          For starters, this is an IIS related problem. I am not experienced enough to probably answer specific questions, but I can do my best if any arise.



          I believe this could be a .NET 4.5 (maybe 4.0) issue, we are on 4.7 at the time of this response. So I have heard they are much more strict on their URLs in 4.5. By default IIS will decode your encoded URLs.



          The first thing that is needed is to have the URL Rewrite Module in your IIS Manager (or have the wherewithal to know the syntax to edit the web.config of your site) . We did not have this, but I was able to find someone who was able to put it on. A new rule needs to be added to this module. I have included the web.config result of that rule that works for me:



          <rewrite>
          <rules>
          <rule name="Keep Original Encoded URL String" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
          <add input="UNENCODED_URL" pattern="(.*)" />
          </conditions>
          <action type="Rewrite" url="C:0" />
          </rule>
          </rules>
          </rewrite>


          Basically, this is saying take the URL and return the unencoded URL.



          Getting all this in is not where it ended though. After making an attempt after entering that rule I received this error:



          A potentially dangerous Request.Path value was detected from the client (%) rewrite.


          In 4.0 there are default invalid characters for a URL.



          < > * % & : ?


          So in order to allow for the % to be included you have to override this default by setting the requestPathInvalidCharacters and removing the % so this is what I have now.



          <system.web>
          <httpRuntime requestPathInvalidCharacters="<,>,*,&,:,,?" />
          </system.web>


          Once doing that I was able to get the 400 Bad Request that I was expecting. And in order to solve that you put this in your catalina.properties file.



          org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true


          This solution worked for me. If anyone sees issues with them please let me know so I can address them. Hopefully this solution will work for anyone else who may have the problem.






          share|improve this answer






















            Your Answer






            StackExchange.ifUsing("editor", function ()
            StackExchange.using("externalEditor", function ()
            StackExchange.using("snippets", function ()
            StackExchange.snippets.init();
            );
            );
            , "code-snippets");

            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "1"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53328772%2fjava-web-service-keeps-encoding-on-local-machine-converts-on-development%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            So in case anyone runs into this I have been able to figure out the solution through much trial and error.



            For starters, this is an IIS related problem. I am not experienced enough to probably answer specific questions, but I can do my best if any arise.



            I believe this could be a .NET 4.5 (maybe 4.0) issue, we are on 4.7 at the time of this response. So I have heard they are much more strict on their URLs in 4.5. By default IIS will decode your encoded URLs.



            The first thing that is needed is to have the URL Rewrite Module in your IIS Manager (or have the wherewithal to know the syntax to edit the web.config of your site) . We did not have this, but I was able to find someone who was able to put it on. A new rule needs to be added to this module. I have included the web.config result of that rule that works for me:



            <rewrite>
            <rules>
            <rule name="Keep Original Encoded URL String" stopProcessing="true">
            <match url="(.*)" />
            <conditions>
            <add input="UNENCODED_URL" pattern="(.*)" />
            </conditions>
            <action type="Rewrite" url="C:0" />
            </rule>
            </rules>
            </rewrite>


            Basically, this is saying take the URL and return the unencoded URL.



            Getting all this in is not where it ended though. After making an attempt after entering that rule I received this error:



            A potentially dangerous Request.Path value was detected from the client (%) rewrite.


            In 4.0 there are default invalid characters for a URL.



            < > * % & : ?


            So in order to allow for the % to be included you have to override this default by setting the requestPathInvalidCharacters and removing the % so this is what I have now.



            <system.web>
            <httpRuntime requestPathInvalidCharacters="<,>,*,&,:,,?" />
            </system.web>


            Once doing that I was able to get the 400 Bad Request that I was expecting. And in order to solve that you put this in your catalina.properties file.



            org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true


            This solution worked for me. If anyone sees issues with them please let me know so I can address them. Hopefully this solution will work for anyone else who may have the problem.






            share|improve this answer



























              0














              So in case anyone runs into this I have been able to figure out the solution through much trial and error.



              For starters, this is an IIS related problem. I am not experienced enough to probably answer specific questions, but I can do my best if any arise.



              I believe this could be a .NET 4.5 (maybe 4.0) issue, we are on 4.7 at the time of this response. So I have heard they are much more strict on their URLs in 4.5. By default IIS will decode your encoded URLs.



              The first thing that is needed is to have the URL Rewrite Module in your IIS Manager (or have the wherewithal to know the syntax to edit the web.config of your site) . We did not have this, but I was able to find someone who was able to put it on. A new rule needs to be added to this module. I have included the web.config result of that rule that works for me:



              <rewrite>
              <rules>
              <rule name="Keep Original Encoded URL String" stopProcessing="true">
              <match url="(.*)" />
              <conditions>
              <add input="UNENCODED_URL" pattern="(.*)" />
              </conditions>
              <action type="Rewrite" url="C:0" />
              </rule>
              </rules>
              </rewrite>


              Basically, this is saying take the URL and return the unencoded URL.



              Getting all this in is not where it ended though. After making an attempt after entering that rule I received this error:



              A potentially dangerous Request.Path value was detected from the client (%) rewrite.


              In 4.0 there are default invalid characters for a URL.



              < > * % & : ?


              So in order to allow for the % to be included you have to override this default by setting the requestPathInvalidCharacters and removing the % so this is what I have now.



              <system.web>
              <httpRuntime requestPathInvalidCharacters="<,>,*,&,:,,?" />
              </system.web>


              Once doing that I was able to get the 400 Bad Request that I was expecting. And in order to solve that you put this in your catalina.properties file.



              org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true


              This solution worked for me. If anyone sees issues with them please let me know so I can address them. Hopefully this solution will work for anyone else who may have the problem.






              share|improve this answer

























                0












                0








                0







                So in case anyone runs into this I have been able to figure out the solution through much trial and error.



                For starters, this is an IIS related problem. I am not experienced enough to probably answer specific questions, but I can do my best if any arise.



                I believe this could be a .NET 4.5 (maybe 4.0) issue, we are on 4.7 at the time of this response. So I have heard they are much more strict on their URLs in 4.5. By default IIS will decode your encoded URLs.



                The first thing that is needed is to have the URL Rewrite Module in your IIS Manager (or have the wherewithal to know the syntax to edit the web.config of your site) . We did not have this, but I was able to find someone who was able to put it on. A new rule needs to be added to this module. I have included the web.config result of that rule that works for me:



                <rewrite>
                <rules>
                <rule name="Keep Original Encoded URL String" stopProcessing="true">
                <match url="(.*)" />
                <conditions>
                <add input="UNENCODED_URL" pattern="(.*)" />
                </conditions>
                <action type="Rewrite" url="C:0" />
                </rule>
                </rules>
                </rewrite>


                Basically, this is saying take the URL and return the unencoded URL.



                Getting all this in is not where it ended though. After making an attempt after entering that rule I received this error:



                A potentially dangerous Request.Path value was detected from the client (%) rewrite.


                In 4.0 there are default invalid characters for a URL.



                < > * % & : ?


                So in order to allow for the % to be included you have to override this default by setting the requestPathInvalidCharacters and removing the % so this is what I have now.



                <system.web>
                <httpRuntime requestPathInvalidCharacters="<,>,*,&,:,,?" />
                </system.web>


                Once doing that I was able to get the 400 Bad Request that I was expecting. And in order to solve that you put this in your catalina.properties file.



                org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true


                This solution worked for me. If anyone sees issues with them please let me know so I can address them. Hopefully this solution will work for anyone else who may have the problem.






                share|improve this answer













                So in case anyone runs into this I have been able to figure out the solution through much trial and error.



                For starters, this is an IIS related problem. I am not experienced enough to probably answer specific questions, but I can do my best if any arise.



                I believe this could be a .NET 4.5 (maybe 4.0) issue, we are on 4.7 at the time of this response. So I have heard they are much more strict on their URLs in 4.5. By default IIS will decode your encoded URLs.



                The first thing that is needed is to have the URL Rewrite Module in your IIS Manager (or have the wherewithal to know the syntax to edit the web.config of your site) . We did not have this, but I was able to find someone who was able to put it on. A new rule needs to be added to this module. I have included the web.config result of that rule that works for me:



                <rewrite>
                <rules>
                <rule name="Keep Original Encoded URL String" stopProcessing="true">
                <match url="(.*)" />
                <conditions>
                <add input="UNENCODED_URL" pattern="(.*)" />
                </conditions>
                <action type="Rewrite" url="C:0" />
                </rule>
                </rules>
                </rewrite>


                Basically, this is saying take the URL and return the unencoded URL.



                Getting all this in is not where it ended though. After making an attempt after entering that rule I received this error:



                A potentially dangerous Request.Path value was detected from the client (%) rewrite.


                In 4.0 there are default invalid characters for a URL.



                < > * % & : ?


                So in order to allow for the % to be included you have to override this default by setting the requestPathInvalidCharacters and removing the % so this is what I have now.



                <system.web>
                <httpRuntime requestPathInvalidCharacters="<,>,*,&,:,,?" />
                </system.web>


                Once doing that I was able to get the 400 Bad Request that I was expecting. And in order to solve that you put this in your catalina.properties file.



                org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true


                This solution worked for me. If anyone sees issues with them please let me know so I can address them. Hopefully this solution will work for anyone else who may have the problem.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 16 '18 at 20:21









                Derek HansenDerek Hansen

                73




                73





























                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53328772%2fjava-web-service-keeps-encoding-on-local-machine-converts-on-development%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Top Tejano songwriter Luis Silva dead of heart attack at 64

                    政党

                    天津地下鉄3号線