Record icons fails to render after applying a hotfix released in May 2019 or later.
The following error is observed in the application server log:
<Error> <HTTP> <BEA-101020> <[ServletContext@1165446757[app:suite module:suite path:null spec-version:3.1]] Servlet failed with an Exceptionorg.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";" at org.springframework.security.web.firewall.StrictHttpFirewall.rejectedBlacklistedUrls(StrictHttpFirewall.java:265) at org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:245) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:193) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
This error will occur if the environment is configured to use spring security and the override files are not merged with the changes introduced in the hotfix.
The hotfix released in May 2019 has the following line added to the spring-security-01-common.xml file: <sec:http-firewall ref="httpFirewall"/>
<sec:http-firewall ref="httpFirewall"/>
Add the following line to the spring-security-01-common-override.xml file and restart the application server: <sec:http-firewall ref="httpFirewall"/>
This article applies to Appian 18.1 Hotfix O, 18.2 Hotfix M, 18.3 Hotfix J or later.
Last Reviewed: August 2019