Java Agents 2023.11.2

Control Handling of the URL Encoded Sequence %2e

This property controls whether the encoding sequence %2e, if used in incoming URL paths, is rejected, accepted (without decoding) or treated as a . character.

When set to REJECT_OUTRIGHT, if the sequence %2e occurs anywhere in the incoming URI path, or path parameters, the agent will reject the incoming request with an HTTP 400 response.

When set to ACCEPT_BUT_NOT_INTERPRET, any occurrence of %2e in the incoming URI path, or path parameters, will be left unconverted.

When set to ACCEPT_AND_INTERPRET, any occurrence of %2e in the incoming URI path will be interpreted as a . character.

Property name

org.forgerock.agents.percent.2e.handling.strategy

Aliases

org.forgerock.agents.percent.2e.handling.strategy
  Introduced in Java Agent 2023.11.2

Function

Configure behaviour

Supported settings
REJECT_OUTRIGHT

Any and all occurrences of the specified sequence within the incoming URL will cause the agent to reject the incoming request with HTTP 400.

ACCEPT_BUT_NOT_INTERPRET

Occurrences of the specified sequence within the incoming URL will not cause the agent to reject the incoming request, but the sequence will be left decoded.

ACCEPT_AND_INTERPRET

Occurrences of the specified sequence within the incoming URL will not cause the agent to reject the incoming request, and the sequence will be decoded for the purposes of not-enforced rule matching and AM policy evaluation

Default

REJECT_OUTRIGHT

Bootstrap property

No

Required property

No

Restart required

No

Local configuration file

AgentConfig.properties