Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HandlerMappingIntrospector is throwing PatternSyntaxException for wildcards in the request URL #31937

Closed
nico-arianto opened this issue Jan 3, 2024 · 2 comments
Closed

HandlerMappingIntrospector is throwing PatternSyntaxException for wildcards in the request URL #31937

nico-arianto opened this issue Jan 3, 2024 · 2 comments
Assignees
@bclozel
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: backported An issue that has been backported to maintenance branches type: bug A general bug
Milestone
6.1.3

Comments

@nico-arianto
Copy link

nico-arianto commented Jan 3, 2024
edited

After upgrade the Spring Boot 3.2, a HTTP request with * wildcard is throwing an exception as below:

java.util.regex.PatternSyntaxException: Dangling meta character '*' near index 16
/consumers/1234****/profile
                ^
	at java.base/java.util.regex.Pattern.error(Pattern.java:2028)
	at java.base/java.util.regex.Pattern.sequence(Pattern.java:2203)
	at java.base/java.util.regex.Pattern.expr(Pattern.java:2069)
	at java.base/java.util.regex.Pattern.compile(Pattern.java:1783)
	at java.base/java.util.regex.Pattern.<init>(Pattern.java:1430)
	at java.base/java.util.regex.Pattern.compile(Pattern.java:1069)
	at java.base/java.util.regex.Pattern.matches(Pattern.java:1174)
	at java.base/java.lang.String.matches(String.java:2844)
	at org.springframework.web.servlet.handler.HandlerMappingIntrospector$CachedResult.matches(HandlerMappingIntrospector.java:402)
	at org.springframework.web.servlet.handler.HandlerMappingIntrospector$CachedResult.getResultFor(HandlerMappingIntrospector.java:433)
	at org.springframework.web.servlet.handler.HandlerMappingIntrospector.getCorsConfiguration(HandlerMappingIntrospector.java:295)
	at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:86)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137)
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)

While in Spring Boot <= 3.1, this URL with * wild card is OK, and working as expected.

Info: Only happen to spring-web, but it's fine for spring-webflux
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged or decided on label Jan 3, 2024
@bclozel bclozel transferred this issue from spring-projects/spring-boot Jan 3, 2024
@bclozel bclozel added the in: web Issues in web modules (web, webmvc, webflux, websocket) label Jan 3, 2024
@jhollmannk
Copy link

jhollmannk commented Jan 4, 2024
edited

We have the same problem where there are special characters (from regexp) in a resource (for example a user). So something like
DELETE /users/user+*something
will now throw the error (Dangling meta character '*') because there is the '+' directlty in front of it.
DELETE /users/user+some*thing
will work.

Our requests are correctly URL-encoded but '+' and '*' are no special characters for a URI so they are not replaced by something like %2B and %2A.

Additional info: We use the ant path matcher:
spring.mvc.pathmatch.matching-strategy=ant_path_matcher

@bclozel bclozel self-assigned this Jan 4, 2024
@bclozel bclozel changed the title Spring Boot 3.2 is throwing an exception for * wild card in the URL request HandlerMappingIntrospector is throwing PatternSyntaxException for wildcards in the request URL Jan 4, 2024
@bclozel bclozel added type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Jan 4, 2024
@bclozel bclozel added this to the 6.1.3 milestone Jan 4, 2024
@bclozel bclozel added the for: backport-to-6.0.x Marks an issue as a candidate for backport to 6.0.x label Jan 4, 2024
@github-actions github-actions bot added status: backported An issue that has been backported to maintenance branches and removed for: backport-to-6.0.x Marks an issue as a candidate for backport to 6.0.x labels Jan 4, 2024
@github-actions github-actions bot mentioned this issue Jan 4, 2024
Closed
@bclozel bclozel closed this as completed in 7c9307e Jan 4, 2024
@bclozel
Copy link
Member

bclozel commented Jan 4, 2024

Thanks for the report @nico-arianto @jhollmannk , this is now fixed and available in both 6.1.3-SNAPSHOT and 6.0.16-SNAPSHOT. You can see the release dates on our milestone page or our on public release calendar.

@prabhu prabhu mentioned this issue Jan 24, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bclozel bclozel

Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: backported An issue that has been backported to maintenance branches type: bug A general bug
Projects
None yet
Milestone
6.1.3
Development

No branches or pull requests
4 participants
@bclozel @nico-arianto @spring-projects-issues @jhollmannk