Thank you for your help. I understand "fhamt" :) But I don't know how to define a proper whitelist? :(
Please help me.

2014-05-21 12:08 GMT+01:00 Jerome Athias <athiasjer...@gmail.com>:
> You are not setting the proper Content-Type in your XMLHttpRequest,
> you should use
>
> setRequestHeader('Content-Type', 'image/jpeg');
> in this case
>
> and define a proper whitelist
>
> famti?
>
> 2014-05-21 13:41 GMT+04:00 Ilyass Kaouam <ilyassi...@gmail.com>:
> >
> > Hello
> > I have a problem when I would like to upload a jpg file.
> > How can I allow uploading some types of file, like: jpg, pdf ...
> >
> > This is the output of modsec_audit.log:
> >
> > --a7f42c69-A--
> > [21/May/2014:11:35:27 +0200] U3xzXX8AAAEAACYTAbUAAAAG xx.xx.xx.xx 60416 xx.xx.xx.xx 80
> >
> > --a7f42c69-B--
> > POST /upload-useravatar?qqfile=xxxx.jpg HTTP/1.1
> > Host: www.xxxxxx.com
> > Connection: keep-alive
> > Content-Length: 159959
> > Origin: http://www.xxxxxx.com
> > X-Requested-With: XMLHttpRequest
> > X-File-Name: xxxx.jpg
> > User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36
> > Content-Type: application/octet-stream
> > Accept: */*
> > Referer: http://www.xxxxxx.com/user
> > Accept-Encoding: gzip,deflate,sdch
> > Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4,ar;q=0.2
> > Cookie: JSESSIONID=5B361D7404F645627AFB171BBA0B3F8B; __utma=111125463.1873502041.1396101474.1400599956.1400664807.23; __utmb=111125463.4.10.1400664807; __utmc=111125463; __utmz=111125463.1396101474.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
> >
> > --a7f42c69-F--
> > HTTP/1.1 403 Forbidden
> > Content-Length: 219
> > Connection: close
> > Content-Type: text/html; charset=iso-8859-1
> >
> > --a7f42c69-E--
> >
> > --a7f42c69-H--
> > Message: Access denied with code 403 (phase 1). Match of "rx ^%{tx.allowed_request_content_type}$" against "TX:0" required. [file "/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_30_http_policy.conf"] [line "64"] [id "960010"] [rev "2"] [msg "Request content type is not allowed by policy"] [data "application/octet-stream"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/ENCODING_NOT_ALLOWED"] [tag "WASCTC/WASC-20"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/EE2"] [tag "PCI/12.1"]
> > Action: Intercepted (phase 1)
> > Stopwatch: 1400664925455373 1654382 (- - -)
> > Stopwatch2: 1400664925455373 1654382; combined=371, p1=195, p2=0, p3=0, p4=0, p5=105, sr=47, sw=1, l=0, gc=70
> > Response-Body-Transformed: Dechunked
> > Producer: ModSecurity for Apache/2.7.3 (http://www.modsecurity.org/); OWASP_CRS/2.2.9.
> > Server: Apache
> > Engine-Mode: "ENABLED"
> >
> > --a7f42c69-Z--
> >
> > thank you
> >
> > _______________________________________________
> > Owasp-modsecurity-core-rule-set mailing list
> > Owasp-modsecurity-core-rule-set@lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
> >
>
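An added example of the whitelist the thread is asking about; it is not from the thread or from the CRS project itself. The audit log shows rule 960010 matching the captured Content-Type token (TX:0) against the regex ^%{tx.allowed_request_content_type}$, so the whitelist is a variable holding a |-separated regex alternation. It assumes CRS 2.2.9 with the shipped modsecurity_crs_10_setup.conf (whose SecAction id 900012 sets the default value quoted in the comment), a local rule file loaded after that setup file and before base_rules (modsecurity_crs_15_customrules.conf is the conventional name), and a free rule id 1000001; the file name, the id and the exact default list are assumptions to check against your own installation.

```apache
# Added example, not the CRS project's code. Assumes CRS 2.2.9, a custom rule
# file loaded after modsecurity_crs_10_setup.conf and before base_rules, and
# the unused rule id 1000001 (all assumptions).

# Weak/default policy, as set by the setup file's SecAction (id 900012):
#   setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json'
# A raw XHR upload sent as Content-Type: application/octet-stream matches
# none of these alternatives, so rule 960010 blocks it in phase 1.

# Corrected policy: keep the global default and widen the whitelist only
# for the upload endpoint. tx.* variables are per transaction, and this
# rule runs in phase 1 after the setup SecAction and before rule 960010,
# so the override applies to matching requests and nothing else.
SecRule REQUEST_FILENAME "@streq /upload-useravatar" \
  "id:'1000001', \
  phase:1, \
  t:none, \
  nolog, \
  pass, \
  setvar:'tx.allowed_request_content_type=image/jpeg|image/png|application/pdf'"

# The value is used as a regex, so escape metacharacters in types that
# contain them (image/svg\+xml, not image/svg+xml). Do not add
# application/octet-stream just to silence the alert: that re-allows any
# binary body on every endpoint instead of the few types this one needs.
```

The client must then actually send one of the listed types (the setRequestHeader('Content-Type', 'image/jpeg') line from the reply does that for the avatar upload). Note that rule 960010 only inspects the Content-Type header, which the client chooses, so passing this check says nothing about the bytes in the body; the application still has to validate the upload itself (magic bytes, extension, size) before storing or serving it.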