[mod-security-users] Unicode problem.
Brought to you by:
victorhora,
zimmerletw
From: Thierry R. <tr...@ri...> - 2005-01-03 20:38:24
|
Hi, I just enable SecFilterCheckUnicodeEncoding and mod_sec(1.8.6) seem to see= =20 invalid unicode encoding in this referer: "http://search.ke.voila.fr/S/wanadoo?gb=3Dsite&dt=3D*&cid=3Dwng&kw=3Ddiversi= t%E9%20culturel" but there is no unicode in it, only url encoding characters. Any idea? Thanks Thierry ## part of my conf: SecFilterScanPOST On SecFilterCheckURLEncoding On SecFilterCheckCookieFormat On SecFilterCheckUnicodeEncoding On SecFilterForceByteRange 1 255 ### part of the log: GET / HTTP/1.1 Accept: */* Referer:=20 http://search.ke.voila.fr/S/wanadoo?gb=3Dsite&dt=3D*&cid=3Dwng&kw=3Ddiversit= %E9%20culturel Accept-Language: en-ca,en-us;q=3D0.7,fr-ca;q=3D0.3 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: www.something.com Connection: Keep-Alive mod_security-message: Error validating header value (Referer): Invalid=20 Unicode encoding: invalid byte value mod_security-action: 403 ####### Toujours le premier =E0 vous offrir la gamme compl=E8te de services Internet= de=20 classe affaires, depuis 1994. Thierry Robitaille Responsable du Support Technique, Administrateur UNIX et NT Registraire agr=E9=E9 par: L'Autorit=E9 canadienne pour les enregistrements= =20 internet. URL : http://www.riq.qc.ca T=E9l=E9phone : (418) 521-2884 Qu=E9bec (514) 875-5351 Montr=E9al=20 |