Re: [mod-security-users] request body: Multipart: invalid boundary encountered
Brought to you by:
victorhora,
zimmerletw
From: Ivan R. <iva...@gm...> - 2006-04-22 12:37:33
|
On 4/22/06, peter pilsl <pi...@go...> wrote: > > I simply cant figure out whats going on. A single user cannot access a > certain webpage on my server (403 by mod_security). All other users > (including myself) dont have any problems doing so. The "bad user" can > surf the whole page, but as soon as he submits a searchterm he gets a > 403. The quickest solution for you is to change the encoding used to submit the form. You are using multipart/form-data but this type of encoding is only needed for file uploads. Since you don't need to upload files you can simply remove the encoding information (from the form, the enctype=3D"..." bit) altogether. The form will then default to application/x-www-form-urlencoded and the error will not occur. Read on for the explanation of the error. > I dont have any clue how to solve this issue and I dont have any clue > what the 'Extension: Security/Remote-Passphrase' - means. I found it a > few times at google but it seems not related with mod_security but maybe > with my problem? Probably not. > thnx for any hints, ideas and solutions .. The message you get means ModSecurity believes the request body is invalid. Seing the User-Agent (Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC) I would say this is probably true. ModSecurity 1.9.x does not keep invalid request bodies around so I can't be completely sure, I am guessing the browser is terminating lines with \n where the specifications requires for \r\n. -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall |