On 03/12/2016 13:28, i...@flyingfischer.ch wrote:
> Between Tomcat 8.38 and 8.39 there seems to be a change in handling URL
> parameters:
> 
> &paramxy=1|2
> 
> This will cause Tomcat to return a 400 error since 8.39. It is the
> character "|" that causes the new behaviour. I suspect these changes:
> 
> https://github.com/apache/tomcat/commit/516bda676ac8d0284da3e0295a7df70391315360
> 
> 
> First thing to know:
> 
> Is this intended?

Yes.

> 
> Second:
> 
> Any way to restore the previous behaviour of 8.38 with a config option?

No, since the changes were in response to a security issue.

'|' is not a valid character in any part of an HTTP/1.1 request-target.
You need to fix whatever broken client is sending '|' without % encoding it.

Mark

> 
> Thanks for considering!
> 
> Best regards
> Markus
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 
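
The client-side fix described in the reply, as an added example that is not part of the thread and is not Tomcat code: it flags characters that the RFC 3986 path/query grammar does not allow in a request-target and percent-encodes them. Python is an assumption (the thread does not name the client), and the path `/app/list` and the function names are constructed for illustration.

```python
import re
from urllib.parse import quote, urlencode

# RFC 3986: query = *( pchar / "/" / "?" )
#           pchar = unreserved / pct-encoded / sub-delims / ":" / "@"
_ALLOWED = frozenset(
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
    "-._~"          # rest of unreserved
    "!$&'()*+,;="   # sub-delims
    ":@/?"          # extra pchar characters plus path/query delimiters
)
_PCT_ENCODED = re.compile(r"%[0-9A-Fa-f]{2}")


def invalid_chars(target):
    """Return (index, char) for every character the grammar above rejects."""
    bad, i = [], 0
    while i < len(target):
        if _PCT_ENCODED.match(target, i):
            i += 3          # a well-formed %XX escape is always valid
            continue
        if target[i] not in _ALLOWED:
            bad.append((i, target[i]))
        i += 1
    return bad


def encode_invalid(target):
    """Percent-encode only the rejected characters, keeping delimiters and existing escapes."""
    bad = {i for i, _ in invalid_chars(target)}
    return "".join(quote(c, safe="") if i in bad else c for i, c in enumerate(target))


def build_target(path, params):
    """Preferred fix: encode each parameter value when the client builds the URL."""
    return quote(path) + "?" + urlencode(params, quote_via=quote)


if __name__ == "__main__":
    raw = "/app/list?paramxy=1|2"   # constructed path; parameter taken from the report
    print(invalid_chars(raw))
    print(encode_invalid(raw))
    print(build_target("/app/list", {"paramxy": "1|2"}))
```

`encode_invalid` is a repair for URLs that already exist as strings; building the URL with `build_target` avoids the problem at the source because each value is encoded before it is joined with `&` and `=`.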

