KB Article #178041
Gateway is unable to accept unsafe query string characters from a client
Problem
A client, such as Microsoft SharePoint, is sending certain unsafe characters like curly braces in the query string, which are not accepted by the gateway or visible to policy.
Resolution
This is technically invalid behavior on the client's part, as unsafe characters should be URL-encoded and normal behavior would be to reject this. However, for certain software like Microsoft SharePoint, there does not appear to be a way to configure it to properly encode the query strings. In such cases, the API Gateway can be forced to encode the query string sent by the client to the gateway.
If the Gateway receives a URI that is invalid, and the urlEncodeInvalidQueryStringParamChars setting contains one or more characters, the Gateway will URL encode any occurrences of these characters in the received query string parameter values. Note that the Gateway will check the URI validity after the encoding has been applied. If incorrectly configured, the URI may still be invalid. Listing the exact characters gives more control on exactly what should get encoded and should help avoid double URL encoding. The characters listed are required to be XML escaped for example:
" | " |
< | < |
> | > |
space |
The " < > space { and } characters will be URL encoded if the following is specified:
<VMArg name="-DurlEncodeInvalidQueryStringParamChars=""<> {}" />
The following variable should also be set to avoid URL parsing errors before the query string is even read:
<VMArg name="-Dcom.vordel.strictUriSyntaxChecking=false" />
For more details on how to set variables like these, refer to the documentation on Java system properties.