NullPointerException may occur for HTTPs requests to WebContainer

[pmd1nh]

Describe the bug
If secured request (i.e https:// ) is accepted into the WebContainer but has an exception before the WebContainer can determine a target application to handle this request, the java.lang.NullPointerException can occur.

Same scenario does not have NPE using the un-secure (i.e http) request.

Steps to Reproduce
Send HTTPS with a bad encoded URI to an existing application (i.e context root). For example:

https://host:secure_port/%5%20C..

Expected behavior
No NullPointerException in either the response, message; no FFDC

Diagnostic information:

• OpenLiberty Version: all version until this is fixed.
• Affected feature(s) [servlet]
• Java Version: [11]
• server.xml configuration (WITHOUT sensitive information like passwords)
  need to enable SSL (<feature>transportSecurity-1.0</feature> , <keyStore/>, <ssl/> )
• If it would be useful, upload the messages.log file found in $WLP_OUTPUT_DIR/messages.log

Additional context
None

[pmd1nh]

FFDC

Exception = java.lang.NullPointerException
Source = com.ibm.ws.webcontainer.srt31.SRTConnectionContext.finishConnection
probeid = 64
Stack Dump = java.lang.NullPointerException: Cannot invoke "com.ibm.ws.webcontainer.webapp.WebApp.getConfiguration()" because "webApp" is null
	at com.ibm.ws.webcontainer.srt.SRTServletResponse.addSTSHeader(SRTServletResponse.java:1082)
	at com.ibm.ws.webcontainer.srt.SRTServletResponse.commit(SRTServletResponse.java:1025)
	at com.ibm.ws.webcontainer.srt.SRTServletResponse.finish(SRTServletResponse.java:283)
	at com.ibm.ws.webcontainer40.srt.SRTServletResponse40.finish(SRTServletResponse40.java:238)
	at com.ibm.ws.webcontainer31.osgi.srt.SRTConnectionContext31.finishConnection(SRTConnectionContext31.java:209)
	at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1205)
	at com.ibm.ws.webcontainer.osgi.DynamicVirtualHost$2.run(DynamicVirtualHost.java:293)
	at com.ibm.ws.http.dispatcher.internal.channel.HttpDispatcherLink$TaskWrapper.run(HttpDispatcherLink.java:1260)
	at com.ibm.ws.http.dispatcher.internal.channel.HttpDispatcherLink.wrapHandlerAndExecute(HttpDispatcherLink.java:476)
	at com.ibm.ws.http.dispatcher.internal.channel.HttpDispatcherLink.ready(HttpDispatcherLink.java:435)
	at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:569)
	at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.handleNewRequest(HttpInboundLink.java:503)
	at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.processRequest(HttpInboundLink.java:363)
	at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.ready(HttpInboundLink.java:330)
	at com.ibm.ws.http.channel.h2internal.H2StreamProcessor$Http2Ready.run(H2StreamProcessor.java:1818)
	at com.ibm.ws.threading.internal.ExecutorServiceImpl$RunnableWrapper.run(ExecutorServiceImpl.java:280)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
	at java.base/java.lang.Thread.run(Thread.java:857)