My Oracle Support Banner

ADF Task Flow Not Rendering when the HTTP Query String Exceeds 2000 Characters (Doc ID 2871597.1)

Last updated on AUGUST 24, 2022

Applies to:

Oracle WebCenter Portal - Version and later
Information in this document applies to any platform.


An ADF task flow that renders a DVT graph does not render on a WebCenter Portal page when there are more than 2000 characters.  The ADF task flow makes use of the DVT bar chart component and also the drop
down (af:selectonchoice) component.  When there is less than 2000 characters, it renders properly.

The WebCenter Portal diagnostic log shows the following warning when the task flow does not render:

[<TIMESTAMP>] [WC_Portal] [WARNING] [] [DefaultName:IntrusionDetector] [tid: [ACTIVE].ExecuteThread: '0' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: <USERID>] [ecid:<ECID>] [APP: webcenter]
[partition-name: DOMAIN] [tenant-name: GLOBAL] [DSID:<DSID>]  [SECURITY FAILURE Anonymous:null@unknown
-> /DefaultName/IntrusionDetector] Input exceeds maximum allowed length of 2000 by 2562 characters: context=HTTP Query String :<QUERY_STRING>
Invalid input. The maximum length of 2000 characters was exceeded.
at org.owasp.esapi.reference.validation.StringValidationRule.checkLength(
at org.owasp.esapi.reference.validation.StringValidationRule.getValid(
at org.owasp.esapi.reference.DefaultValidator.getValidInput(
at oracle.webcenter.webcenterapp.utils.WCRequestValidator.esValidate(
at oracle.webcenter.webcenterapp.utils.WCRequestValidator.validate(




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.