Loading...

XML

Word

Printable

Details

Type: Enhancement
Resolution: Done
Priority: Major
Fix Version/s: 1.2.13.Final, 1.4.0.Beta1, 1.3.10.Final, 1.1.10.Final
Affects Version/s: 1.1.8.Final
Component/s: Security, Servlet
Labels:
None

Git Pull Request:
https://github.com/undertow-io/undertow/commit/cef8430793bc8f5bd29ee2696c530fff7ecf854d

Description

Automated web proxy scanners that scan networks for signs of vulnerabilities, i.e open proxies provoke following errorrs being spitted out during their "server probing"

io.undertow.request Undertow request failed HttpServerExchange{ CONNECT proxytest.zmap.io:80}: java.lang.IllegalArgumentException: UT000068: Servlet path match failed
        at io.undertow.servlet.handlers.ServletPathMatchesData.getServletHandlerByPath(ServletPathMatchesData.java:83)

location from where it is thrown says

//this should never happen
//as the default servlet is aways registered under /*

also seeing lots of following errors

// Some comments here
io.undertow.request UT005001: An exception occurred processing the request: java.net.URISyntaxException: Relative path in absolute URI: https://zc.qq.com:443http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.2443472354574447
        at java.net.URI.checkPath(Unknown Source) [rt.jar:1.7.0_71]
        at java.net.URI.<init>(Unknown Source) [rt.jar:1.7.0_71]
        at io.undertow.security.handlers.SinglePortConfidentialityHandler.getRedirectURI(SinglePortConfidentialityHandler.java:51) [undertow-core-1.1.8.Final.jar:1.1.8.Final]

Attachments

Activity

People

Assignee:: Stuart Douglas

Reporter:: Zekoslav Zeko (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2015/12/01 5:24 AM

Updated:: 2020/02/14 1:43 PM

Resolved:: 2015/12/01 11:42 PM