Hello community,
In my company’s xWiki 12.10 instance we’re facing issues with the modification of a single page. When trying to edit it, the following appears at the center bottom of the screen:
However, deleting or removing the page works flawlessly. The page’s name is:
Firewall v2 - Excessive Firewall/ACL Connections Accepted From Single Internal Host
I am aware that Tomcat, the server that we are using, has some issues with slashes and backslashes, but hear me out: The configuration for that has already been mitigated. When running ps -aux | grep tomcat
on the server, I get the following:
tomcat 25771 6.9 43.7 4951696 1698024 ? Sl 17:09 5:31 /usr/lib/jvm/jre/bin/java -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Xms1024M -Xmx2048M -server -XX:+UseParallelGC -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true -Dignore.endorsed.dirs= -classpath /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/opt/tomcat -Dcatalina.home=/opt/tomcat -Djava.io.tmpdir=/opt/tomcat/temp org.apache.catalina.startup.Bootstrap start
Specifically:
-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true
Furthermore, we also have the following page on our instance (note the difference in the name) which can be edited without any issues:
Firewall v2 - Excessive Firewall/ACL Connections Accepted From Single Host
When previewing the console log when clicking “Edit” on the problematic page, it brings up the following:
jquery.js:9175 GET https://our-domain/xwiki/rest/wikis/xwiki/spaces/Dashboard/spaces/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/spaces/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/spaces/Technologies/spaces/Demisto%20XSOAR/spaces/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/spaces/Firewall%20v2%20-%20Excessive%20Firewall%2FACL%20Connections%20Accepted%20From%20Single%20Internal%20Host/pages/WebHome?timestamp=1637598790282 500
Monitoring catalina.out only produces the following two log entries, but this happens for each and every single page in xWiki and we don’t have any issues editing the others:
2021-11-22 18:34:55,175 [https-jsse-nio-9443-exec-7 - https://our-domain/xwiki/bin/get/TourCode/TourJson?xpage=plain&outputSyntax=plain&tourDoc=Dashboard.%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8+%D0%BE%D1%82%D0%B4%D0%B5%D0%BB.%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80+%D0%B7%D0%B0+%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5+%D0%B8+%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8+-+SOC.Technologies.Demisto+XSOAR.%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5+%D0%B7%D0%B0+%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5.Firewall+v2+-+Excessive+Firewall%2FACL+Connections+Accepted+From+Single+Internal+Host.WebHome] WARNo.h.e.j.s.SqlExceptionHelper - SQL Error: 1267, SQLState: HY000
2021-11-22 18:34:55,175 [https-jsse-nio-9443-exec-7 - https://our-domain/xwiki/bin/get/TourCode/TourJson?xpage=plain&outputSyntax=plain&tourDoc=Dashboard.%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8+%D0%BE%D1%82%D0%B4%D0%B5%D0%BB.%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80+%D0%B7%D0%B0+%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5+%D0%B8+%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8+-+SOC.Technologies.Demisto+XSOAR.%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5+%D0%B7%D0%B0+%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5.Firewall+v2+-+Excessive+Firewall%2FACL+Connections+Accepted+From+Single+Internal+Host.WebHome] ERROR o.h.e.j.s.SqlExceptionHelper - (conn=719) Illegal mix of collations (latin1_swedish_ci,IMPLICIT) and (utf8mb4_general_ci,COERCIBLE) for operation '='
The following comes from the Tomcat access log:
my-ip - - [22/Nov/2021:18:38:11 +0200] "GET /xwiki/bin/get/Dashboard/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/Technologies/Demisto%20XSOAR/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/Firewall%20v2%20-%20Excessive%20Firewall%2FACL%20Connections%20Accepted%20From%20Single%20Internal%20Host/?sheet=XWiki.InplaceEditing&action=lock&lockAction=edit&language=en&outputSyntax=plain×tamp=1637599092315 HTTP/1.1" 302 -
my-ip - - [22/Nov/2021:18:38:11 +0200] "GET /xwiki/bin/lock/Dashboard/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/Technologies/Demisto%20XSOAR/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/Firewall%20v2%20-%20Excessive%20Firewall%2FACL%20Connections%20Accepted%20From%20Single%20Internal%20Host/WebHome?ajax=1&action=edit&language=en HTTP/1.1" 204 -
my-ip - - [22/Nov/2021:18:38:11 +0200] "GET /xwiki/rest/wikis/xwiki/spaces/Dashboard/spaces/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/spaces/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/spaces/Technologies/spaces/Demisto%20XSOAR/spaces/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/spaces/Firewall%20v2%20-%20Excessive%20Firewall%2FACL%20Connections%20Accepted%20From%20Single%20Internal%20Host/pages/WebHome?timestamp=1637599092715 HTTP/1.1" 500 45
For comparison, trying to modify produces the following 4 entries to the access log (+ a dozen more for fonts, stylesheets, etc.):
my-ip - - [22/Nov/2021:18:43:55 +0200] "GET /xwiki/bin/get/Dashboard/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/Technologies/Demisto%20XSOAR/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/dddd/?sheet=XWiki.InplaceEditing&action=lock&lockAction=edit&language=en&outputSyntax=plain×tamp=1637599436150 HTTP/1.1" 302 -
my-ip - - [22/Nov/2021:18:43:55 +0200] "GET /xwiki/bin/lock/Dashboard/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/Technologies/Demisto%20XSOAR/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/dddd/WebHome?ajax=1&action=edit&language=en HTTP/1.1" 204 -
my-ip - - [22/Nov/2021:18:43:55 +0200] "GET /xwiki/rest/wikis/xwiki/spaces/Dashboard/spaces/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/spaces/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/spaces/Technologies/spaces/Demisto%20XSOAR/spaces/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/spaces/dddd/pages/WebHome?timestamp=1637599436208 HTTP/1.1" 200 10741
my-ip - - [22/Nov/2021:18:43:55 +0200] "GET /xwiki/bin/view/Dashboard/%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B4%D0%B5%D0%BB/%D0%A6%D0%B5%D0%BD%D1%82%D1%8A%D1%80%20%D0%B7%D0%B0%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20-%20SOC/Technologies/Demisto%20XSOAR/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5/dddd/?xpage=get&outputTitle=true&outputSyntax=annotatedxhtml&language=en×tamp=1637599436247 HTTP/1.1" 200 1448
One thing to note is that when this issue initially came up, the option for backslash wasn’t added to Tomcat so I did that and it initially worked fine - then it broke again.
I’ve tried the following:
- Restarting Tomcat (duh
)
- Restarting the server (duuuh
)
- Deleting the page and creating it again
- Deleting the page, removing it from recycle bin and creating it again
– One thing to note here is that when creating the page, I can put any content I want in it - but then it can’t be edited again.
Now all of this is really strange and any help in resolving the issue would be greatly appreciated. Thank you!