From: Damian P. <da...@da...> - 2006-03-30 14:49:33
You need a new mod_security rule for tiki-view_forum_thread that restricts the offending match. Not a TW bug, but server setup.

On Thu, 2006-03-30 at 16:18 +0200, Xavier de Pedro Puente wrote:
> Hi there:
>
> I've hit a server error while attempting to edit a forum post, on a
> 1.10cvs (cvs updated 3 weeks ago or so).
> I don't post it to get a quick solution, or similar (that site is
> working pretty fine so far for production, with the help from sylvie and
> batawata), so please, I don't need the kind of reply "to avoid it,
> work on 1.9.x version", etc.
>
> I just comment it to let you know about that issue, in case it happens in
> the future on other servers with mod-security enabled.
>
> What surprises me is that I could post the message in the forum some
> seconds earlier, and the problem arose when I attempted to save the
> edit of that forum post.
>
> That's what the server admin replied back about the server logs... (see
> below)
>
> Cheers,
>
> Xavi
>
> =========================================================
> POST /tiki-view_forum_thread.php HTTP/1.1
> Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Accept-Encoding: gzip,deflate
> Accept-Language: ca
> Connection: keep-alive
> Content-Length: 5733
> Content-Type: multipart/form-data; boundary=---------------------------60419519320710553501442250703
> Cookie: tz_offset=7200; PHPSESSID=78597fcf5bf9674cc9d978b9c30597af
> Host: uniwiki.ourproject.org
> Keep-Alive: 300
> Referer: http://uniwiki.ourproject.org/tiki-view_forum_thread.php?forumId=8&comments_threadId=117&comments_threshold=0&comments_offset=0&comments_sort_mode=commentDate_desc&comments_maxComments=20&comments_parentId=112&comments_style=commentStyle_threaded&edit_reply=1
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; ca-AD; rv:1.7.12) Gecko/20051010 Firefox/1.0.7 (Ubuntu package 1.0.7)
> mod_security-message: Access denied with code 500. Pattern match "((select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|\*| |\,]+[[:space:]]+(from|into|table|database|index|view)[[:space:]]+[A-Z|a-z|0-9|\*| |\,]|UNION SELECT.*\'.*\'.*,[0-9].*INTO.*FROM)" at POST_PAYLOAD.
> mod_security-action: 500
> =========================================================

--
Damian Parker
http://www.damosoft.co.uk
Easter Super Sale Now On!
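As an added illustration, not part of the thread and not code from Tiki or mod_security, the pattern quoted in the log above is transcribed for Python's re module and run against constructed payloads. It shows why the rule fires on an ordinary forum edit: plain English such as "select the text from the preview box" satisfies the first alternative exactly as a real UNION SELECT injection satisfies the second. The sample strings are constructed (the real 5733-byte POST body is not in the thread), and since the thread does not show whether the server matched case-insensitively, both modes are tried.

```python
import re
from typing import Optional

# The pattern from the mod_security-message line, transcribed for Python:
# POSIX [[:space:]] becomes \s; everything else is kept as written.
# Note that inside the bracket expressions the '|' characters are literal
# (they add '|' to the allowed set rather than acting as alternation), as
# are ' ', '*' and ',', so a run of ordinary words with spaces is accepted
# between the two keywords.
SQL_RULE_PATTERN = (
    r"((select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)"
    r"\s+[A-Z|a-z|0-9|\*| |\,]+\s+(from|into|table|database|index|view)\s+[A-Z|a-z|0-9|\*| |\,]"
    r"|UNION SELECT.*\'.*\'.*,[0-9].*INTO.*FROM)"
)
SQL_RULE = re.compile(SQL_RULE_PATTERN)
SQL_RULE_NOCASE = re.compile(SQL_RULE_PATTERN, re.IGNORECASE)


def matched_fragment(payload: str, ignore_case: bool = False) -> Optional[str]:
    """Return the substring the rule trips on, or None if the payload passes.

    ignore_case=True models a case-insensitive match; the thread does not say
    which mode the server used, so this is an assumption, not a fact about it.
    """
    rule = SQL_RULE_NOCASE if ignore_case else SQL_RULE
    m = rule.search(payload)
    return m.group(0) if m else None


# Constructed sample payloads (not from the original post).
# A normal forum edit whose English phrasing happens to line up with
# "<keyword> <words> <from|table> <word>": this is the false positive.
BENIGN_FORUM_POST = (
    "To fix the layout, select the text from the preview box, then "
    "update the table with your own results and save again."
)
# A textbook UNION SELECT ... INTO ... FROM attempt that the rule is meant to stop.
INJECTION_ATTEMPT = "x' UNION SELECT 'a','b',1 INTO OUTFILE '/tmp/o' FROM users-- "
# A reply with no SQL keyword at all.
HARMLESS_REPLY = "Thanks, that works now. Cheers from Barcelona!"
# Uppercase SQL: only caught if the server matches case-insensitively.
UPPERCASE_SELECT = "SELECT * FROM users WHERE 1=1"


if __name__ == "__main__":
    for label, text in [
        ("benign forum post", BENIGN_FORUM_POST),
        ("injection attempt", INJECTION_ATTEMPT),
        ("harmless reply", HARMLESS_REPLY),
        ("uppercase SELECT, case-sensitive", UPPERCASE_SELECT),
    ]:
        print(f"{label:36s} -> {matched_fragment(text)!r}")
    print(f"{'uppercase SELECT, case-insensitive':36s} -> "
          f"{matched_fragment(UPPERCASE_SELECT, ignore_case=True)!r}")
```

The benign post and the injection both trip the rule, while the harmless reply and (in case-sensitive mode) the uppercase query pass, which is the shape of the problem Damian points at: the pattern keys on English words, not on SQL syntax, so the practical fix is what he says, a rule scoped to tiki-view_forum_thread.php that narrows or exempts this match rather than a change to Tiki itself.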