Issue
Getting this message in the enterprisedashboard.log file, although the Enterprise Dashboard is functional:
2017-08-03 13:24:31,029Z (15:24) [qtp447878707-39] ERROR org.grails.web.errors.GrailsExceptionResolver - StringIndexOutOfBoundsException occurred when processing request: [GET] /scripts/..%255c../
String index out of range: 1. Stacktrace follows:
java.lang.StringIndexOutOfBoundsException: String index out of range: 1
Environment
Reported in DevTest 10.0.0, but this might show in other versions.
Cause
A vulnerability scanner in the network, was automatically checking common URL to discover well-known vulnerabilities.
This can result into:
a) log attempt to invoke a non-existing URL
b) log the exception of parsing a malformed URL
This exception appears in Enterprise Dashboard log when you start the Enterprise Dashboard and open the URL http://localhost:1506/scripts/..%255c../
This is double url encoded http://localhost:1506/scripts/..\../
%25 decodes to %
%5c decodes to \
The log message is:
2017-08-03 13:24:31,029Z (15:24) [qtp447878707-39] ERROR org.grails.web.errors.GrailsExceptionResolver - StringIndexOutOfBoundsException occurred when processing request: [GET] /scripts/..%255c../
39] ERROR org.grails.web.errors.GrailsExceptionResolver - StringIndexOutOfBoundsException occurred when processing request: [GET] /scripts/..%255c../
String index out of range: 1. Stacktrace follows:
java.lang.StringIndexOutOfBoundsException: String index out of range: 1
at java.lang.String.substring(String.java:1963)
at grails.util.GrailsNameUtils.getPropertyNameRepresentation(GrailsNameUtils.java:256)
at grails.util.GrailsNameUtils.getPropertyName(GrailsNameUtils.java:215)
at grails.web.CamelCaseUrlConverter.toUrlElement(CamelCaseUrlConverter.java:33)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:845)
Resolution
You may ignore this exception.
KB Document: TEC1340875