Tomcat returns 400 with invalid header after updating to JWS 5
Issue
- After upgrading to JWS 5 tomcat, we now see 400 responses if a request includes an invalid header:
INFO [https-jsse-nio-8080-exec-10] org.apache.coyote.http11.Http11Processor.service Error parsing HTTP request header
Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: The HTTP header line [jsessionid=DE24B48D893ACC127446E2099809A75F;: JSESSIONID=DE24B48D893ACC127446E2099809A75F;] does not conform to RFC 7230 and has been ignored.
at org.apache.coyote.http11.Http11InputBuffer.skipLine(Http11InputBuffer.java:1020)
at org.apache.coyote.http11.Http11InputBuffer.parseHeader(Http11InputBuffer.java:872)
at org.apache.coyote.http11.Http11InputBuffer.parseHeaders(Http11InputBuffer.java:594)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:283)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Environment
- JBoss Web Server (JWS) 5.x
- Tomcat 9.0.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
