Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve StrictHttpFirewall error messaging #13614

Merged
merged 2 commits into from
Sep 12, 2023
Merged

Improve StrictHttpFirewall error messaging #13614

merged 2 commits into from
Sep 12, 2023

Conversation

bjornharvold
Copy link
Contributor

Better error strings for invalid header and parameter values.

This PR was created because we have had an outstanding ticket with Cloudflare (https://support.cloudflare.com/hc/en-us/requests/2858014?page=1) for over a month where we have been trying to get to the bottom of what / who is sending an illegal header value. because StrictHttpFirewall doesn't tell us what the header name is, it's been a guessing game.

Work done: Updated exception strings to include the header / parameter name for when the value is invalid.

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Aug 4, 2023
@bjornharvold bjornharvold mentioned this pull request Aug 4, 2023
Closed
@jzheaux jzheaux added in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Aug 9, 2023
@jzheaux jzheaux self-assigned this Aug 9, 2023
@jzheaux jzheaux changed the title 📝 docs: improved errors StrictHttpFirewall Improve StrictHttpFirewall error messaging Aug 9, 2023
@bjornharvold @jzheaux
Improve StrictHttpFirewall Error Messaging
0f7426b 
Better error strings for invalid header and parameter values.

Closes spring-projectsgh-13615
@jzheaux jzheaux added this to the 6.2.0-M2 milestone Aug 9, 2023
@jzheaux jzheaux force-pushed the strict-firewall-exception-improvement branch from c9c1d70 to b667509 Compare August 9, 2023 00:41
@sjohnr sjohnr modified the milestones: 6.2.0-M2, 6.2.0-M3 Aug 19, 2023
@jzheaux jzheaux merged commit 2a1cf98 into spring-projects:main Sep 12, 2023
2 checks passed
@jzheaux
Copy link
Contributor

jzheaux commented Sep 12, 2023

Thanks, @bjornharvold! This is now merged into main.

@bjornharvold bjornharvold deleted the strict-firewall-exception-improvement branch October 27, 2023 03:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jzheaux jzheaux

Labels
in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
Projects
None yet
Milestone
6.2.0-M3
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@bjornharvold @jzheaux @sjohnr @spring-projects-issues