You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm having the ';' exception when I'm accessing esg-orp. The app is responding with a redirection URL that "embeds" into the URL the jssession parameter instead of using the Set-Cookie header in the redirection.
INFO: Server startup in 25672 ms
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"
at org.springframework.security.web.firewall.StrictHttpFirewall.rejectedBlacklistedUrls(StrictHttpFirewall.java:265)
at org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:245)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:193)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at esg.node.filters.AccessLoggingFilter.doFilter(AccessLoggingFilter.java:201)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at esg.orp.app.FilterAuthorizationEnforcerer.doFilter(FilterAuthorizationEnforcerer.java:54)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at esg.orp.app.RegistrationFilter.doFilter(RegistrationFilter.java:62)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at esg.orp.app.AccessControlFilterTemplate.doFilter(AccessControlFilterTemplate.java:67)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at esg.orp.app.AccessControlFilterTemplate.doFilter(AccessControlFilterTemplate.java:67)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
The text was updated successfully, but these errors were encountered:
zequihg50
added a commit
to SantanderMetGroup/esg-orp
that referenced
this issue
Dec 13, 2019
I'm having the ';' exception when I'm accessing esg-orp. The app is responding with a redirection URL that "embeds" into the URL the
jssession
parameter instead of using theSet-Cookie
header in the redirection.The text was updated successfully, but these errors were encountered: