Confluence log has java.lang.IllegalArgumentException: Invalid character (CR or LF) found in method name

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

The following appears in the catalina.out or atlassian-confluence.log

Apr 15, 2016 10:44:21 PM org.apache.coyote.http11.AbstractHttp11Processor process
INFO: Error parsing HTTP request header
 Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character (CR or LF) found in method name
    at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:228)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1009)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:745)

Diagnosis

Environment

  • Confluence running on tomcat

  • If access logging is enabled, they show entries like this

    169.229.3.91 - - [15/Apr/2016:22:44:21 +1000] "-" 400 - "-" "-" null

Cause

A research scanning machine from the University of California at Berkeley regularly conducts scans of the entire Internet, so you may have been scanned as part of an ongoing research project.

The machines the scanning is coming from are

  1. http://researchscan0.eecs.berkeley.edu/
  2. http://researchscan1.eecs.berkeley.edu/
  3. http://researchscan2.eecs.berkeley.edu/
  4. http://researchscan3.eecs.berkeley.edu/
  5. http://researchscan4.eecs.berkeley.edu/

Resolution

If you have been or are currently being scanned and would like to opt out, please email cesr-scanning@lists.eecs.berkeley.edu with the IP ranges you would like to exclude in CIDR format. For most Confluence machines this is the single IP address that the machine is running on.

Last modified on May 24, 2016

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.