Hi all

using modsecurity 2.1.0
Some web clients (Mobile CE/.NET) add "Content-Length: 1" in GET requests instead of leaving it blank
will this change to ruleid 960011 do the trick and allow the request?

Original rule -->
SecRule REQUEST_METHOD "^(GET|HEAD)$" "chain,pass,log,auditlog,status:400,msg:'GET or HEAD requests with bodies', severity:'2',id:'960011'"
SecRule REQUEST_HEADERS:Content-Length "!^0?$"


SecRule REQUEST_METHOD "^(GET|HEAD)$" "chain,pass,log,auditlog,status:400,msg:'GET or HEAD requests with bodies', severity:'2',id:'960011'"
SecRule REQUEST_HEADERS:Content-Length "!^0?^1?$"

Thanks


Tomer.