Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
5.4
Description
A few days ago some tool tried to find vulnerabilites by checking urls like /pageid=99999' . This lead to dozens of exception reports like
Exception type: java.lang.IllegalArgumentException
Message: Input string 'pageid=99999'' is not valid; the character '=' at position 7 is not valid.
This should either be a custom exception type, so it can be handled without parsing the IllegalArgumentException message or it should be a 400 - Bad request, which would also allow for a custom error page.