IBM Support

PI80786: HTTP 500 IS RETURNED FROM A REQUEST WITH TOO MANY PARENT DIRECTORIES (FORWARD SLASHES) IN THE URL

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • HTTP 500 (server error) is returned from a request with too
    many
    parent directories (forward slashes) in the URL.  The return
    code should be a 400 (invalid request)
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server.                                     *
    ****************************************************************
    * PROBLEM DESCRIPTION: A 500 status code is returned when the  *
    *                      request URI contains more references    *
    *                      to                                      *
    *                      a parent directory than allowed         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    If a request URI contains more references to a parent directory
    than allowed a 500 status code will be returned to the client.
    A
    400 status code could be expected in this scenario as this is a
    bad request.
    

Problem conclusion

  • The WebContainer code has been modified to set a 400 status code
    in the scenario descried above. A new WebContainer custom
    property needs to be set to true to enable the new behavior.
    
    Name: com.ibm.ws.webcontainer.set400SCOnTooManyParentDirs
    Value: true/false(default)
    
    The fix for this APAR is currently targeted for inclusion in fix
    pack 8.5.5.20, 9.0.5.8, and Liberty 19.0.0.1.  Please refer to
    the Recommended Updates page for delivery information:
    
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI80786

  • Reported component name

    LIBERTY PROFILE

  • Reported component ID

    5724J0814

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-04-28

  • Closed date

    2019-01-09

  • Last modified date

    2021-06-02

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    LIBERTY PROFILE

  • Fixed component ID

    5724J0814

Applicable component levels

  • R850 PSY

       UP

[{"Line of Business":{"code":"LOB36","label":"IBM Automation"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"850"}]

Document Information

Modified date:
16 September 2021