Wicket
  1. Wicket
  2. WICKET-831

Return response status 404 when a mapper cannot decode a request url

    Details

    • Type: New Feature New Feature
    • Status: Resolved
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 7.0.0-M1, 6.15.0
    • Component/s: wicket
    • Labels:
      None

      Description

      in a real production environment, you will get crawlers and users poking at urls and when that happens to produce an invalid request it's probably better to 404 the request than throw the current IllegalStateException we throw. we might want to step back and think in general about invalid requests in production versus development mode. i also think i suggested fairly recently that we should add an exception that 404s a request. these two things could work together.

        Activity

        Hide
        Jonathan Locke added a comment -

        yay!

        thank you!

        Show
        Jonathan Locke added a comment - yay! thank you!
        Hide
        Martijn Dashorst added a comment -

        Moved to next milestone release.

        Show
        Martijn Dashorst added a comment - Moved to next milestone release.
        Hide
        Timo Rantalaiho added a comment -

        This is a new feature so belongs to 1.5, right?

        Show
        Timo Rantalaiho added a comment - This is a new feature so belongs to 1.5, right?
        Hide
        Martin Grigorov added a comment -

        There is org.apache.wicket.request.http.flow.AbortWithHttpErrorCodeException but I'm not sure I understand the problem completely. When it should be used ?

        Show
        Martin Grigorov added a comment - There is org.apache.wicket.request.http.flow.AbortWithHttpErrorCodeException but I'm not sure I understand the problem completely. When it should be used ?
        Hide
        Igor Vaynberg added a comment -

        any time there is a problem decoding a url we should throw 404. for example in 1.4 if a page is mounted on /foo and the user hits /foo/bar there is an error decoding the url because wicket expects 3 path parameters, the mount, parameter name (bar) and parameter value which is not in the url. since wicket cant parse the url it will throw an illegalstateexception which results in the wicket error page. instead, it should abort with a 404 so the browser knows this is an illegal url.

        Show
        Igor Vaynberg added a comment - any time there is a problem decoding a url we should throw 404. for example in 1.4 if a page is mounted on /foo and the user hits /foo/bar there is an error decoding the url because wicket expects 3 path parameters, the mount, parameter name (bar) and parameter value which is not in the url. since wicket cant parse the url it will throw an illegalstateexception which results in the wicket error page. instead, it should abort with a 404 so the browser knows this is an illegal url.
        Hide
        Martin Grigorov added a comment -

        In Wicket 6.x there was only one place where an IRequestMapper was throwing an exception that would lead to error 500.

        Now in DEPLOYMENT mode it will be AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, message)

        Show
        Martin Grigorov added a comment - In Wicket 6.x there was only one place where an IRequestMapper was throwing an exception that would lead to error 500. Now in DEPLOYMENT mode it will be AbortWithHttpErrorCodeException(HttpServletResponse.SC_NOT_FOUND, message)

          People

          • Assignee:
            Martin Grigorov
            Reporter:
            Jonathan Locke
          • Votes:
            4 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development