CAS 6.3.x problem with style?

Bartosz Nitkiewicz

Apr 1, 2021, 5:32:30 AM
to CAS Community
Hi,
We have a problem with the CAS style loading properly during first use by a new user.
There is an error log:
2021-04-01 11:24:51,539 ERROR [org.springframework.boot.web.servlet.support.ErrorPageFilter] - org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"

2021-04-01 11:24:51,540 ERROR [org.springframework.boot.web.servlet.support.ErrorPageFilter] - <Forwarding to error page from request [/webjars/bootstrap/4.5.3/css/bootstrap-grid.min.css] due to exception [The request was rejected because the URL contained a potentially malicious String ";"]>
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"

2021-04-01 11:24:51,541 ERROR [org.springframework.boot.web.servlet.support.ErrorPageFilter] - <Forwarding to error page from request [/webjars/material-components-web/8.0.0/dist/material-components-web.css] due to exception [The request was rejected because the URL contained a potentially malicious String ";"]>
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"

2021-04-01 11:24:51,542 ERROR [org.springframework.boot.web.servlet.support.ErrorPageFilter] - <Forwarding to error page from request [/webjars/mdi__font/5.0.45/css/materialdesignicons.css] due to exception [The request was rejected because the URL contained a potentially malicious String ";"]>
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"

And a few more errors.

After a refresh CAS is working fine; probably the browser caches the style file or something. The error does not occur during further use of the application.
Does anyone have something similar?
Regards
Bartek

Pavlos Drandakis

Apr 1, 2021, 8:18:22 AM
to cas-...@apereo.org
Hi Bartek,

We had the same issue and it seems that it was caused by the jsessionid that was appended to the URL...
Adding <tracking-mode>COOKIE</tracking-mode> to web.xml (in <session-config>) solved the problem for us.

Best Regards,
Pavlos
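
The change Pavlos describes, written out as a web.xml fragment; this is an added example, not part of the thread and not CAS's own file. The <cookie-config> hardening and the ;jsessionid suffix shown in the comment are assumptions added for illustration.

```xml
<!-- WEB-INF/web.xml fragment (Servlet 3.0 or later). Added illustration. -->
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">

  <!-- Before: with no <tracking-mode>, the container may fall back to URL
       rewriting for a client that has not yet sent back a session cookie,
       so the first page can reference resources such as (constructed sample)
         /webjars/bootstrap/4.5.3/css/bootstrap-grid.min.css;jsessionid=<ID>
       and the firewall rejects the request because of the ";". -->

  <session-config>
    <!-- Assumption, not from the thread: harden the session cookie.
         <secure> presumes CAS is only served over HTTPS.
         The schema requires <cookie-config> before <tracking-mode>. -->
    <cookie-config>
      <http-only>true</http-only>
      <secure>true</secure>
    </cookie-config>

    <!-- After: carry the session ID in the cookie only, never in the URL. -->
    <tracking-mode>COOKIE</tracking-mode>
  </session-config>

</web-app>
```

Keeping the session ID out of URLs also keeps it out of Referer headers, access logs and browser history.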



Bartosz Nitkiewicz

Apr 1, 2021, 9:37:53 AM
to CAS Community, pdr...@gmail.com
Thanks, this fixed the problem.
Regards
Bartek