This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

An incoming request with '\' in it doesnt hit the proxy

Posted on 09-23-2015 06:39 AM
vednath_pittala
New Member
Reply posted on --/--/---- --:-- AM

I have a request in the following format

http://{{apism.url}}/accountaccess-v1/orders/?accountId=162703995&sourceId=TAG&maxResults=\

when I do a trace I don't see any request hitting my endpoint. But when i try the same request without \ the request hits my endpoint.

The following requests work as expected

http://{{apism.url}}/accountaccess-v1/orders/?accountId=162703995&sourceId=TAG&maxResults=

or

http://{{apism.url}}/accountaccess-v1/orders/?accountId=162703995&sourceId=TAG&maxResults

How do i handle such a scenario?

0 9 120
Topic Labels
0 Likes
9 REPLIES 9

Posted on --/--/---- --:-- AM
willwitman
Staff
Reply posted on --/--/---- --:-- AM

Hi Vednath --

Can you try to URL encode that character? It's %5C

0 Likes

Posted on --/--/---- --:-- AM
adas
New Member
Reply posted on --/--/---- --:-- AM

@vednath pittala RFC 2396 section 2.4.3 says "\" is not allowed within URIs. You need to URL encode that character like @wwitman already suggested.

Refer: https://www.ietf.org/rfc/rfc2396.txt

0 Likes

Posted on --/--/---- --:-- AM
vednath_pittala
New Member
Reply posted on --/--/---- --:-- AM

Agreed on that but if the end user is sending it as part of request cant we have an error handling for the same?And to have some error handling mechanism in place it is necessary that the request is shown up on trace so I know where and when I can handle them?

All I need is to give a meaningful error message to the end user if and when such a request comes in

0 Likes

Posted on --/--/---- --:-- AM
adas
New Member
Reply posted on --/--/---- --:-- AM

@vednath pittala I don't think the request even hits the apigee layer if you have "\" in the URL at the end. Do you get a response to the call, when you make it with the trailing backslash ?

0 Likes

Posted on --/--/---- --:-- AM
vednath_pittala
New Member
In response to adas
Reply posted on --/--/---- --:-- AM

No I don't, that is the whole problem 🙂 . Rather than the request being lost I would want to send a meaningful error message stating "re-correct the request and try again"

0 Likes

Posted on --/--/---- --:-- AM
adas
New Member
In response to vednath_pittala
Reply posted on --/--/---- --:-- AM

I don't think the request reaches the apigee layer at all, so there's nothing that we can do. How are you making this call, using curl or some other tool ?

Try this in curl and see what happens.

0 Likes

Posted on --/--/---- --:-- AM
vednath_pittala
New Member
In response to adas
Reply posted on --/--/---- --:-- AM

RESTClient/Postman or some other browser based tool

0 Likes

Posted on --/--/---- --:-- AM
adas
New Member
In response to vednath_pittala
Reply posted on --/--/---- --:-- AM

Can you please try using curl. Some of the browser based tools would actually encode the "/" which might be hiding the actual behaviour from you.

0 Likes

Posted on --/--/---- --:-- AM
vednath_pittala
New Member
In response to adas
Reply posted on --/--/---- --:-- AM

Will do in a while and keep you posted about the behavior

0 Likes