https://community.cloudera.com/t5/Support-Questions/The-request-was-rejected-because-the-URL-contained-a/m-p/93027#M1912 <P>When using the Python SDK to create an InstanceTemplate if the bootstrap_scripts contain any special characters the API will reject it :</P> <P>&nbsp;</P> <P>&nbsp;</P> <PRE>cloudera.director.common.rest.ApiException: (500) Reason: Server Error HTTP response headers: HTTPHeaderDict({'Connection': 'close', 'Content-Type': 'application/json;charset=utf-8'}) HTTP response body: { "timestamp" : 1563826656470, "status" : 500, "error" : "Internal Server Error", "message" : "org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String \"%5C\"",</PRE> <P>&nbsp;</P> <P>An example bootstrap script that fails is if you put:</P> <P>&nbsp;</P> <PRE>wget https://www.google.com</PRE> <P>&nbsp;</P> <P>Spring Security will reject this as a malicious URL since it is being encoded in the URL and not being put in the body it appears.</P> <P>&nbsp;</P> <P>However, if you define the InstanceTemplate and don't create it in Director via the InstanceTemplatesAPI but rather just immediately pass it to the VirtualInstance in a ClusterTemplate or DeploymentTemplate then there is no issue. Of course it will not appear in the templates tab in Director of that environment in this situation.</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Is there any way to turn off (or limit) the Spring firewall in application.properties or should I try to modify the python sdk to send the data in the body?</P> Fri, 16 Sep 2022 15:52:51 GMT Da 2022-09-16T15:52:51Z https://community.cloudera.com/t5/Support-Questions/The-request-was-rejected-because-the-URL-contained-a/m-p/93027#M1912 <P>When using the Python SDK to create an InstanceTemplate if the bootstrap_scripts contain any special characters the API will reject it :</P> <P>&nbsp;</P> <P>&nbsp;</P> <PRE>cloudera.director.common.rest.ApiException: (500) Reason: Server Error HTTP response headers: HTTPHeaderDict({'Connection': 'close', 'Content-Type': 'application/json;charset=utf-8'}) HTTP response body: { "timestamp" : 1563826656470, "status" : 500, "error" : "Internal Server Error", "message" : "org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String \"%5C\"",</PRE> <P>&nbsp;</P> <P>An example bootstrap script that fails is if you put:</P> <P>&nbsp;</P> <PRE>wget https://www.google.com</PRE> <P>&nbsp;</P> <P>Spring Security will reject this as a malicious URL since it is being encoded in the URL and not being put in the body it appears.</P> <P>&nbsp;</P> <P>However, if you define the InstanceTemplate and don't create it in Director via the InstanceTemplatesAPI but rather just immediately pass it to the VirtualInstance in a ClusterTemplate or DeploymentTemplate then there is no issue. Of course it will not appear in the templates tab in Director of that environment in this situation.</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Is there any way to turn off (or limit) the Spring firewall in application.properties or should I try to modify the python sdk to send the data in the body?</P> Fri, 16 Sep 2022 15:52:51 GMT https://community.cloudera.com/t5/Support-Questions/The-request-was-rejected-because-the-URL-contained-a/m-p/93027#M1912 Da 2022-09-16T15:52:51Z https://community.cloudera.com/t5/Support-Questions/The-request-was-rejected-because-the-URL-contained-a/m-p/93032#M1913 <P>As it turns out this was my screwup -- I tried to get the template (to verify it's existence) with the InstanceTemplate object instead of the string name before creating it with my defined InstanceTemplate object.</P><P>&nbsp;</P><P>Apologies for any inconvenience!</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 22 Jul 2019 21:44:09 GMT https://community.cloudera.com/t5/Support-Questions/The-request-was-rejected-because-the-URL-contained-a/m-p/93032#M1913 Da 2019-07-22T21:44:09Z