|
From: Ivan R. <iv...@we...> - 2006-04-10 10:42:23
|
ze...@vo... wrote: > Hi Ivan, > My web server architecture uses Siteminder Perhaps you could tell us more about your architecture? It would appear it's significant in this case. Is Siteminder based on Apache and you are using ModSecurity in it? Or do you have it configured to work as a proxy before or after Apache? I think the problem is in that something is truncating the URI. We just need to figure out what. > I tried again to set the "SecFilterCheckURLEncoding" to "Off or On" but the error still occurs. But it's a different error :) As a workaround extend the allowed byte range to allow the null byte: SecFilterForceByteRange 0 255 -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall Apache Security (O'Reilly): http://www.apachesecurity.net |
