Hello Qlik Users!
It has been reported that URLs with specific characters are returning Error 400 Bad Request with ticket authentication and windows authentication (a type of ticket authentication). This issue is affecting the Qlik Sense April 2020 release starting with Patch 1 and the June 2020 track and is currently being investigated by R&D.
Currently, two scenarios have been identified to show the issue:
- Using filters with the QRS API, for example:
GET /qrs/user?filter=(name+eq+%27user2%27)
This includes the REST connector or calling the API directly. - Using the Single Integration API with some spaces in the selection values, for example:
<iframe src='https://qlikserver1.domain.local/single/?appid=b61ef493-2687-405a-a866-cca9108729d6&obj=71de3559-c190-40a3-8790-7d08fd321deb&opt=nointeraction&select=clearall&select=ACCT_CITY,Altamonte %20Springs&qlikticket=y.j_U14d4-OHyvVN' style='border:none;width:100%;height:100%;'></iframe>
In this case, the %20 is provoking the error 400.
There is a work around that can alleviate the 400 error. If the user first logs in to a URL that doe not have those URL parameters and obtains a valid session on the Qlik Proxy service, then they will be able to access the problematic URL.
I will keep you all informed on the issues as R&D progresses through the investigation.
For more information, please see Qlik Sense: URL with specific characters return Error 400 with ticket authentication in June 2020.
Please let us know if you have any questions. If you found this blog useful, please give it a like! Also, subscribe to the Qlik Support Updates Blog by clicking the green Subscribe button.
Kind regards,
Qlik Digital Support
