AnsweredAssumed Answered

Invalid string: TableID

Question asked by rajesh sunderraju on May 29, 2018

When I am trying to navigate to the next page after I received the search results, I am getting the below error:

Invalid string: TableID

com.aveksa.server.core.SecurityException: Unsafe characters detected in URL parameters. Possible XSS attack.

                at com.aveksa.gui.core.GuiFramework.handleSecurityError(GuiFramework.java:467)

                at com.aveksa.gui.core.ACMFramework.handleSecurityError(ACMFramework.java:464)

                at com.aveksa.gui.util.LinkValidator.XSSError(LinkValidator.java:174)

                at com.aveksa.gui.util.LinkValidator.validateParamAndCopy(LinkValidator.java:134)

                at com.aveksa.gui.util.Link.copyParams(Link.java:181)

                at com.aveksa.gui.util.Link.<init>(Link.java:135)

                at com.aveksa.gui.pages.base.data.dialog.DialogPageData.getLink(DialogPageData.java:161)

                at com.aveksa.gui.components.table.dialogs.base.TableDialogData.getLink(TableDialogData.java:56)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.getLink(FilterDialogData.java:218)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.getURL(FilterDialogData.java:224)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.makeFilterInputField(FilterDialogData.java:144)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.getFilterDisplay(FilterDialogData.java:107)

                at com.aveksa.gui.components.table.core.TableView.printFilterInfo(TableView.java:946)

                at com.aveksa.gui.components.table.core.TableView.printTopControls(TableView.java:396)

                at com.aveksa.gui.components.table.core.TableView.printTable_full(TableView.java:244)

                at com.aveksa.gui.components.table.core.TableView.printTable_full(TableView.java:357)

                at com.aveksa.gui.components.table.core.TableView.printTable_full(TableView.java:362)

                at com.aveksa.gui.components.table.core.TableModel.handleReload(TableModel.java:597)

                at com.aveksa.gui.components.table.core.TableModel.handleQuickFilter(TableModel.java:985)

                at com.aveksa.gui.components.table.core.TableModel.handleRequest(TableModel.java:499)

                at com.aveksa.gui.components.table.TableManager.handleRequest(TableManager.java:66)

                at com.aveksa.gui.core.MainManager.handleRequest(MainManager.java:189)

                at com.aveksa.gui.core.MainManager.doGet(MainManager.java:128)

                at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)

                at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

                at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)

                at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130)

                at com.aveksa.gui.core.filters.LoginFilter.doFilter(LoginFilter.java:53)

                at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)

                at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)

                at com.aveksa.gui.util.security.XSSFilter.doFilter(XSSFilter.java:20)

                at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)

                at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)

                at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)

                at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61)

                at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)

                at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)

                at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)

                at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)

                at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63)

                at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)

                at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)

                at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)

                at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)

                at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)

                at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)

                at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:172)

                at java.security.AccessController.doPrivileged(Native Method)

                at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:169)

                at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)

                at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)

                at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

                at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

                at java.lang.Thread.run(Thread.java:745)

05/23/2018 09:16:59.234 ERROR (default task-49) [com.aveksa.gui.core.MainManager]

java.lang.RuntimeException: Unsafe characters detected in URL parameters. Possible XSS attack.

                at com.aveksa.gui.util.LinkValidator.XSSError(LinkValidator.java:175)

                at com.aveksa.gui.util.LinkValidator.validateParamAndCopy(LinkValidator.java:134)

                at com.aveksa.gui.util.Link.copyParams(Link.java:181)

                at com.aveksa.gui.util.Link.<init>(Link.java:135)

                at com.aveksa.gui.pages.base.data.dialog.DialogPageData.getLink(DialogPageData.java:161)

                at com.aveksa.gui.components.table.dialogs.base.TableDialogData.getLink(TableDialogData.java:56)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.getLink(FilterDialogData.java:218)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.getURL(FilterDialogData.java:224)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.makeFilterInputField(FilterDialogData.java:144)

                at com.aveksa.gui.components.table.dialogs.filter.FilterDialogData.getFilterDisplay(FilterDialogData.java:107)

                at com.aveksa.gui.components.table.core.TableView.printFilterInfo(TableView.java:946)

                at com.aveksa.gui.components.table.core.TableView.printTopControls(TableView.java:396)

                at com.aveksa.gui.components.table.core.TableView.printTable_full(TableView.java:244)

                at com.aveksa.gui.components.table.core.TableView.printTable_full(TableView.java:357)

                at com.aveksa.gui.components.table.core.TableView.printTable_full(TableView.java:362)

                at com.aveksa.gui.components.table.core.TableModel.handleReload(TableModel.java:597)

                at com.aveksa.gui.components.table.core.TableModel.handleQuickFilter(TableModel.java:985)

                at com.aveksa.gui.components.table.core.TableModel.handleRequest(TableModel.java:499)

                at com.aveksa.gui.components.table.TableManager.handleRequest(TableManager.java:66)

                at com.aveksa.gui.core.MainManager.handleRequest(MainManager.java:189)

                at com.aveksa.gui.core.MainManager.doGet(MainManager.java:128)

                at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)

                at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

                at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)

                at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130)

                at com.aveksa.gui.core.filters.LoginFilter.doFilter(LoginFilter.java:53)

                at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)

                at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)

                at com.aveksa.gui.util.security.XSSFilter.doFilter(XSSFilter.java:20)

                at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)

                at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)

                at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)

                at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61)

                at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)

                at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)

                at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)

                at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)

                at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63)

                at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)

                at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)

                at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)

                at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)

                at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)

                at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)

                at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)

                at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:172)

                at java.security.AccessController.doPrivileged(Native Method)

                at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:169)

                at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)

                at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)

                at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

                at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

                at java.lang.Thread.run(Thread.java:745)

Outcomes