java.lang.IllegalArgumentException: URLDecoder: Incomplete trailing escape (%) pattern #13
Description
An application is calling an API through the APIGW with a query parameter that contains a "%" symbol within the value.
The "%" symbol is part of the query parameter's value, so they're sending it encoded as "%25".
The request being sent to the APIGW is the following:
https://apigwhost/endpoint/search?locale=EN&**codeOrDescription=cafe%25**&page=1
And the error seen when validating the request with OpenAPIValidator is the following:
Error validating request:
java.lang.IllegalArgumentException: URLDecoder: Incomplete trailing escape (%) pattern
at java.base/java.net.URLDecoder.decode(Unknown Source)
at java.base/java.net.URLDecoder.decode(Unknown Source)
at com.axway.apim.openapi.validator.OpenAPIValidator$1.lambda$getQueryParameterValues$0(OpenAPIValidator.java:233)
at java.base/java.util.ArrayList.replaceAllRange(Unknown Source)
at java.base/java.util.ArrayList.replaceAll(Unknown Source)
at com.axway.apim.openapi.validator.OpenAPIValidator$1.getQueryParameterValues(OpenAPIValidator.java:231)
at com.atlassian.oai.validator.interaction.request.RequestValidator.lambda$validateQueryParameters$12(RequestValidator.java:258)
at java.base/java.util.stream.ReferencePipeline$3$1.accept(Unknown Source)
at java.base/java.util.stream.ReferencePipeline$2$1.accept(Unknown Source)
at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(Unknown Source)
Looking at the OpenAPIValidator.java the issue is in this sequence:
....
public Collection getQueryParameterValues(String name) {
if(queryParams==null) return Collections.emptyList();
ArrayList values = queryParams.getHeaderValues(name);
if(values == null) return Collections.emptyList();
if(decodeQueryParams) {
values.replaceAll(headerValue -> {
try {
return URLDecoder.decode(headerValue, StandardCharsets.UTF_8.toString());
} catch (UnsupportedEncodingException e) {
Utils.traceMessage("Error decoding headerValue: " + headerValue + ". Error: " + e.getMessage(), TraceLevel.ERROR);
return headerValue;
}
});
}
....
How to fix / workaround this ?