Different CSPs respond with different status code when a request is rejected by SpringBoot firewall
A recent change was introduced in MR - !175 (merged) where conditional enablement of a feature To support special character %25 in URLs was enabled.
The expectation was that the service responds with 403 Forbidden status code in case of such errors. However, the observation was GCP / AWS responded with a 500 whereas IBM sent back a 401.
Upon further debugging with @rostislav.dublin , it was identified that Azure and GCP had almost identical stacktrace when a request was rejected by Springboot apart from the single line difference of
Hence, until the individual CSPs decide to enable the feature at their end, The newly added integration test will have an assertion of
assertNotEquals(200, response.getStatus()); for the test scenario if the feature flag of
enableEncodedPercentInURL is not enabled