Route Service unable to parse URLs containing control characters
Article ID: 297973
Updated On:
Products
VMware Tanzu Application Service for VMs
Issue/Introduction
If your
VMware Tanzu Application Service for VMs is released with routing release .188.x or higher, then URLs with control characters returns the error message "
This issue affects TAS for VMs 2.6.x, 2.7.x, and 2.8.x.
[0] https://github.com/golang/go/commit/829c5df58694b3345cb5ea41206783c8ccf5c3ca
400 Bad Request: Failed to validate Route Service Signature for x-forwarded-client-cert".This issue affects TAS for VMs 2.6.x, 2.7.x, and 2.8.x.
Example
curl -v -k 'https://<url>/status.jsp?sign=%0D' 400 Bad Request: Failed to validate Route Service Signature for x-forwarded-client-cert
Cause
This issue is caused by the dependency bump of the GO library from v1.11.x to v1.12.x introduced in routing release .188+. GO 1.12.x released with a check for CTRL characters and rejects them from being parsed [0].[0] https://github.com/golang/go/commit/829c5df58694b3345cb5ea41206783c8ccf5c3ca
Environment
Product Version: 2.6
Resolution
Workaround
1. Where possible, usePOST instead of GET to transmit data. POST requests do not append special characters to the URL
Note: In the long term, routing release 0.199.0 will fix the control character parsing issue.
Feedback
Yes
No
Powered by
