You are currently reviewing an older revision of this page.

DRAFT KB-XXXX Record icon fails to render after applying a Hotfix

Symptoms

Record icon fails to render after applying Appian Hotfix released in May 2019 or later. For example record icon will look like the following:

Following error will be observed in the application server log at the same time:

<Error> <HTTP> <BEA-101020> <[ServletContext@1165446757[app:suite module:suite path:null spec-version:3.1]] Servlet failed with an Exception
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"
at org.springframework.security.web.firewall.StrictHttpFirewall.rejectedBlacklistedUrls(StrictHttpFirewall.java:265)
at org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:245)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:193)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)

Cause

This error will occur if the environment is configured to use spring security and the override files are not merged with the changes introduced in the Hotfix.

Hotfix released in May 2019 has the following line added to the spring-security-01-common.xml present in <AE_HOME>\ear\suite.ear\web.war\WEB-INF\conf\security

<sec:http-firewall ref="httpFirewall"/>

This error will occur if the above line is not added to your existing override 01 file.

Action

Add the following line to your spring-security-01-common-override.xml and restart the application server:

<sec:http-firewall ref="httpFirewall"/>

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: June 2019