-
Bug
-
Resolution: Duplicate
-
Neutral
-
None
-
None
-
None
-
None
Steps to reproduce
- create page with non-ascii chars in path e.g. ä
- Try to access page (with out being logged in to magnolia)
Expected results
Page is visible
Actual results
HTTP Status 500 – Internal Server Error
Type Exception Report
Message An invalid path [/testiä] was specified for this cookie
Description The server encountered an unexpected condition that prevented it from fulfilling the request.
Exception
java.lang.IllegalArgumentException: An invalid path [/testiä] was specified for this cookie org.apache.tomcat.util.http.Rfc6265CookieProcessor.validatePath(Rfc6265CookieProcessor.java:241) org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:160) org.apache.catalina.connector.Response.generateCookieString(Response.java:975) org.apache.catalina.connector.Response.addCookie(Response.java:927) org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:385) javax.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:60) info.magnolia.cms.security.CsrfTokenSecurityFilter.unloggedRequestCheckPasses(CsrfTokenSecurityFilter.java:171) info.magnolia.cms.security.CsrfTokenSecurityFilter.csrfCheckPasses(CsrfTokenSecurityFilter.java:116) info.magnolia.cms.security.CsrfTokenSecurityFilter.doFilter(CsrfTokenSecurityFilter.java:106)
Workaround
Development notes
Magnolia CE 6.2.5, Tomcat 9.0.41
- duplicates
-
MAGNOLIA-7991 Invalid path for cookie with special characters
- Closed
-
MAGNOLIA-8142 Non ASCII characters in URIs interfere with CsrfTokenSecurityFilter
- Closed