Return response status 404 when a mapper cannot decode a request url

in a real production environment, you will get crawlers and users poking at urls and when that happens to produce an invalid request it's probably better to 404 the request than throw the current IllegalStateException we throw. we might want to step back and think in general about invalid requests in production versus development mode. i also think i suggested fairly recently that we should add an exception that 404s a request. these two things could work together.