New HP Application Security Resource Library

Web Application Security Center News Blog

Home
Contact

Syndication

Web Security

Links of Interest

Erik's Personal Blog

Comments

Lindo wrote re: New HP Application Security Resource Library

on 01-13-2008 5:22 PM

Hi guys, great work on all this - much appreciated from our end! FYI, I have noticed one thing - when I use Google as a proxy on one of the (various) hp Application Security pages it yeilds some verbose error messages: http://www.google.com/translate?langpair=fr|en&u=http://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-201_4000_100__ HTTP Status 500 -- type Exception report Type Exception report message Message description The server encountered an internal error () that prevented it from fulfilling this request. Description The server encountered an internal error () that prevented it from fulfilling this request. exception Except javax.servlet.ServletException: Category -1 does not exist org.apache.jasper.runtime.PageContextImpl.doHandlePageException(Unknown Source) org.apache.jasper.runtime.PageContextImpl.handlePageException(Unknown Source) org.apache.jsp.core.util.errorpage_jsp._jspService(org.apache.jsp.core.util.errorpage_jsp:253) org.apache.jasper.runtime.HttpJspBase.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) org.apache.jasper.servlet.JspServletWrapper.service(Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile(Unknown Source) org.apache.jasper.servlet.JspServlet.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) org.apache.jasper.runtime.PageContextImpl.doForward(Unknown Source) org.apache.jasper.runtime.PageContextImpl.forward(Unknown Source) org.apache.jasper.runtime.PageContextImpl.doHandlePageException(Unknown Source) org.apache.jasper.runtime.PageContextImpl.handlePageException(Unknown Source) org.apache.jsp.hpms.display.main.hpms_005fcontent_jsp._jspService(org.apache.jsp.hpms.display.main.hpms_005fcontent_jsp:3725) org.apache.jasper.runtime.HttpJspBase.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) org.apache.jasper.servlet.JspServletWrapper.service(Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile(Unknown Source) org.apache.jasper.servlet.JspServlet.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) com.sezame.auth.SzSecurityFilter.doFilter(SzSecurityFilter.java:202) com.arobaze.util.SetCharacterEncodingFilter.doFilter(Unknown Source) Javax.servlet.ServletException: Category -1 does not exist org.apache.jasper.runtime.PageContextImpl.doHandlePageException (Unknown Source) org.apache.jasper.runtime.PageContextImpl.handlePageException (Unknown Source) org.apache.jsp.core. util.errorpage_jsp._jspService (org.apache.jsp.core.util.errorpage_jsp: 253) org.apache.jasper.runtime.HttpJspBase.service (Unknown Source) javax.servlet.http.HttpServlet.service (HttpServlet.java: 802 ) org.apache.jasper.servlet.JspServletWrapper.service (Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile (Unknown Source) org.apache.jasper.servlet.JspServlet.service (Unknown Source) javax.servlet. http.HttpServlet.service (HttpServlet.java: 802) org.apache.jasper.runtime.PageContextImpl.doForward (Unknown Source) org.apache.jasper.runtime.PageContextImpl.forward (Unknown Source) org.apache.jasper.runtime. PageContextImpl.doHandlePageException (Unknown Source) org.apache.jasper.runtime.PageContextImpl.handlePageException (Unknown Source) org.apache.jsp.hpms.display.main.hpms_005fcontent_jsp._jspService (org.apache.jsp.hpms.display.main. hpms_005fcontent_jsp: 3725) org.apache.jasper.runtime.HttpJspBase.service (Unknown Source) javax.servlet.http.HttpServlet.service (HttpServlet.java: 802) org.apache.jasper.servlet.JspServletWrapper.service (Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile (Unknown Source) org.apache.jasper.servlet.JspServlet.service (Unknown Source) javax.servlet.http.HttpServlet.service (HttpServlet.java: 802) com.sezame. auth.SzSecurityFilter.doFilter (SzSecurityFilter.java: 202) com.arobaze.util.SetCharacterEncodingFilter.doFilter (Unknown Source) root cause Root cause java.sql.SQLException: Category -1 does not exist com.sezame.cma.Category.get(Category.java:1886) com.sezame.cma.Category.getMenuOn(Category.java:512) org.apache.jsp.core.util.errorpage_jsp._jspService(org.apache.jsp.core.util.errorpage_jsp:194) org.apache.jasper.runtime.HttpJspBase.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) org.apache.jasper.servlet.JspServletWrapper.service(Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile(Unknown Source) org.apache.jasper.servlet.JspServlet.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) org.apache.jasper.runtime.PageContextImpl.doForward(Unknown Source) org.apache.jasper.runtime.PageContextImpl.forward(Unknown Source) org.apache.jasper.runtime.PageContextImpl.doHandlePageException(Unknown Source) org.apache.jasper.runtime.PageContextImpl.handlePageException(Unknown Source) org.apache.jsp.hpms.display.main.hpms_005fcontent_jsp._jspService(org.apache.jsp.hpms.display.main.hpms_005fcontent_jsp:3725) org.apache.jasper.runtime.HttpJspBase.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) org.apache.jasper.servlet.JspServletWrapper.service(Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile(Unknown Source) org.apache.jasper.servlet.JspServlet.service(Unknown Source) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) com.sezame.auth.SzSecurityFilter.doFilter(SzSecurityFilter.java:202) com.arobaze.util.SetCharacterEncodingFilter.doFilter(Unknown Source) Java.sql.SQLException: Category -1 does not exist com.sezame.cma.Category.get (Category.java: 1886) com.sezame.cma.Category.getMenuOn (Category.java: 512) org.apache.jsp. core.util.errorpage_jsp._jspService (org.apache.jsp.core.util.errorpage_jsp: 194) org.apache.jasper.runtime.HttpJspBase.service (Unknown Source) javax.servlet.http.HttpServlet.service (HttpServlet.java : 802) org.apache.jasper.servlet.JspServletWrapper.service (Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile (Unknown Source) org.apache.jasper.servlet.JspServlet.service (Unknown Source) javax. servlet.http.HttpServlet.service (HttpServlet.java: 802) org.apache.jasper.runtime.PageContextImpl.doForward (Unknown Source) org.apache.jasper.runtime.PageContextImpl.forward (Unknown Source) org.apache.jasper. runtime.PageContextImpl.doHandlePageException (Unknown Source) org.apache.jasper.runtime.PageContextImpl.handlePageException (Unknown Source) org.apache.jsp.hpms.display.main.hpms_005fcontent_jsp._jspService (org.apache.jsp.hpms.display. main.hpms_005fcontent_jsp: 3725) org.apache.jasper.runtime.HttpJspBase.service (Unknown Source) javax.servlet.http.HttpServlet.service (HttpServlet.java: 802) org.apache.jasper.servlet.JspServletWrapper.service (Unknown Source) org.apache.jasper.servlet.JspServlet.serviceJspFile (Unknown Source) org.apache.jasper.servlet.JspServlet.service (Unknown Source) javax.servlet.http.HttpServlet.service (HttpServlet.java: 802) com. sezame.auth.SzSecurityFilter.doFilter (SzSecurityFilter.java: 202) com.arobaze.util.SetCharacterEncodingFilter.doFilter (Unknown Source) note The full stack trace of the root cause is available in the Apache Tomcat/5.5.9 logs. Note The full stack trace of the root cause is available in the Apache Tomcat/5.5.9 logs. Apache Tomcat/5.5.9 Apache Tomcat/5.5.9

erik.peterson wrote re: New HP Application Security Resource Library

on 01-15-2008 9:33 AM

Hi Lindo, from what I can tell you have pasted the URL directly as a parameter without URL encoding it first. The & in the HP URL is getting intereptepted by google and not getting passed to our HP page, try this URL:

http://google.com/translate?u=http%3A%2F%2Fh10078.www1.hp.com%2Fcda%2Fhpms%2Fdisplay%2Fmain%2Fhpms_content.jsp%3Fzn%3Dbto%26cp%3D1-11-201_4000_100__&langpair=en%7Cfr&hl=en&ie=UTF8

Syndication

Recent Posts

Web Security

Links of Interest

Archives

Comments