“URL was not normalized” with Spring Boot 2 and Kotlin
In my current project we deploy several Spring Boot 1.5.4.RELEASE
microservices in Openshift
with Kubernetes
. We have configured an Apache Proxy Balancer:
From To
/msa/microname1 -> /
/msa/microname2 -> /
...
Recently we introduced Spring Boot 2
and we developed a new microservice with Kotlin
. We configured the balancer the same way considering that urls like /health
and /info
are placed under /actuator
path.
Now when we consume any endpoint of this new microservice (/health
or any of our endpoints) we are having an error like this:
org.springframework.security.web.firewall.RequestRejectedException:
The request was rejected because the URL was not normalized ...
The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>
When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.
We checked our proxy balancer and it is configured the same way than the others.
Is is any extra configuration on Spring Boot 2
we have to consider?
Can this be a problem related to Kotlin
?
Update
As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.
@Bean
fun allowUrlEncodedSlash(): HttpFirewall {
var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
override fun configure(web: WebSecurity) {
web.httpFirewall(allowUrlEncodedSlash())
}
apache spring-boot kotlin openshift spring-boot-actuator
add a comment |
In my current project we deploy several Spring Boot 1.5.4.RELEASE
microservices in Openshift
with Kubernetes
. We have configured an Apache Proxy Balancer:
From To
/msa/microname1 -> /
/msa/microname2 -> /
...
Recently we introduced Spring Boot 2
and we developed a new microservice with Kotlin
. We configured the balancer the same way considering that urls like /health
and /info
are placed under /actuator
path.
Now when we consume any endpoint of this new microservice (/health
or any of our endpoints) we are having an error like this:
org.springframework.security.web.firewall.RequestRejectedException:
The request was rejected because the URL was not normalized ...
The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>
When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.
We checked our proxy balancer and it is configured the same way than the others.
Is is any extra configuration on Spring Boot 2
we have to consider?
Can this be a problem related to Kotlin
?
Update
As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.
@Bean
fun allowUrlEncodedSlash(): HttpFirewall {
var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
override fun configure(web: WebSecurity) {
web.httpFirewall(allowUrlEncodedSlash())
}
apache spring-boot kotlin openshift spring-boot-actuator
add a comment |
In my current project we deploy several Spring Boot 1.5.4.RELEASE
microservices in Openshift
with Kubernetes
. We have configured an Apache Proxy Balancer:
From To
/msa/microname1 -> /
/msa/microname2 -> /
...
Recently we introduced Spring Boot 2
and we developed a new microservice with Kotlin
. We configured the balancer the same way considering that urls like /health
and /info
are placed under /actuator
path.
Now when we consume any endpoint of this new microservice (/health
or any of our endpoints) we are having an error like this:
org.springframework.security.web.firewall.RequestRejectedException:
The request was rejected because the URL was not normalized ...
The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>
When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.
We checked our proxy balancer and it is configured the same way than the others.
Is is any extra configuration on Spring Boot 2
we have to consider?
Can this be a problem related to Kotlin
?
Update
As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.
@Bean
fun allowUrlEncodedSlash(): HttpFirewall {
var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
override fun configure(web: WebSecurity) {
web.httpFirewall(allowUrlEncodedSlash())
}
apache spring-boot kotlin openshift spring-boot-actuator
In my current project we deploy several Spring Boot 1.5.4.RELEASE
microservices in Openshift
with Kubernetes
. We have configured an Apache Proxy Balancer:
From To
/msa/microname1 -> /
/msa/microname2 -> /
...
Recently we introduced Spring Boot 2
and we developed a new microservice with Kotlin
. We configured the balancer the same way considering that urls like /health
and /info
are placed under /actuator
path.
Now when we consume any endpoint of this new microservice (/health
or any of our endpoints) we are having an error like this:
org.springframework.security.web.firewall.RequestRejectedException:
The request was rejected because the URL was not normalized ...
The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>
When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.
We checked our proxy balancer and it is configured the same way than the others.
Is is any extra configuration on Spring Boot 2
we have to consider?
Can this be a problem related to Kotlin
?
Update
As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.
@Bean
fun allowUrlEncodedSlash(): HttpFirewall {
var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
override fun configure(web: WebSecurity) {
web.httpFirewall(allowUrlEncodedSlash())
}
apache spring-boot kotlin openshift spring-boot-actuator
apache spring-boot kotlin openshift spring-boot-actuator
edited Oct 4 '18 at 11:03
Spacemonkey
asked Oct 3 '18 at 9:17
SpacemonkeySpacemonkey
1,20331640
1,20331640
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Check this answer: https://stackoverflow.com/a/48644226/10451721
It seems to be the same issue as yours but in Java instead of Kotlin.
Spring doesn't like //
in URLs by default.
I have converted the Java in the linked answer for you:
@Bean
fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
val firewall = StrictHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.
– Spacemonkey
Oct 4 '18 at 10:15
add a comment |
Solved by adding context to the application in our balancer.
Now all our endpoints have a context in our microservice, defined in application.yml.
From To
/msa/microname1 -> /
/msa/microname2 -> /
/msa/Kotlinname/kt -> /kt
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52623669%2furl-was-not-normalized-with-spring-boot-2-and-kotlin%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Check this answer: https://stackoverflow.com/a/48644226/10451721
It seems to be the same issue as yours but in Java instead of Kotlin.
Spring doesn't like //
in URLs by default.
I have converted the Java in the linked answer for you:
@Bean
fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
val firewall = StrictHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.
– Spacemonkey
Oct 4 '18 at 10:15
add a comment |
Check this answer: https://stackoverflow.com/a/48644226/10451721
It seems to be the same issue as yours but in Java instead of Kotlin.
Spring doesn't like //
in URLs by default.
I have converted the Java in the linked answer for you:
@Bean
fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
val firewall = StrictHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.
– Spacemonkey
Oct 4 '18 at 10:15
add a comment |
Check this answer: https://stackoverflow.com/a/48644226/10451721
It seems to be the same issue as yours but in Java instead of Kotlin.
Spring doesn't like //
in URLs by default.
I have converted the Java in the linked answer for you:
@Bean
fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
val firewall = StrictHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
Check this answer: https://stackoverflow.com/a/48644226/10451721
It seems to be the same issue as yours but in Java instead of Kotlin.
Spring doesn't like //
in URLs by default.
I have converted the Java in the linked answer for you:
@Bean
fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
val firewall = StrictHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}
answered Oct 4 '18 at 10:13
Ed JeffreysEd Jeffreys
13
13
Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.
– Spacemonkey
Oct 4 '18 at 10:15
add a comment |
Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.
– Spacemonkey
Oct 4 '18 at 10:15
Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.
– Spacemonkey
Oct 4 '18 at 10:15
Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.
– Spacemonkey
Oct 4 '18 at 10:15
add a comment |
Solved by adding context to the application in our balancer.
Now all our endpoints have a context in our microservice, defined in application.yml.
From To
/msa/microname1 -> /
/msa/microname2 -> /
/msa/Kotlinname/kt -> /kt
add a comment |
Solved by adding context to the application in our balancer.
Now all our endpoints have a context in our microservice, defined in application.yml.
From To
/msa/microname1 -> /
/msa/microname2 -> /
/msa/Kotlinname/kt -> /kt
add a comment |
Solved by adding context to the application in our balancer.
Now all our endpoints have a context in our microservice, defined in application.yml.
From To
/msa/microname1 -> /
/msa/microname2 -> /
/msa/Kotlinname/kt -> /kt
Solved by adding context to the application in our balancer.
Now all our endpoints have a context in our microservice, defined in application.yml.
From To
/msa/microname1 -> /
/msa/microname2 -> /
/msa/Kotlinname/kt -> /kt
answered Nov 27 '18 at 17:31
SpacemonkeySpacemonkey
1,20331640
1,20331640
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52623669%2furl-was-not-normalized-with-spring-boot-2-and-kotlin%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown