The Limit and Script directives are there from attempts to get it to work. 
 As far as I can tell, they don't have any effect. I didn't have them when 
I first started getting the error, and - after removing - I still get it. 
 I can get the error with or without cookies.  When I use curl, I am 
sending along my auth information using '-u', which works just fine with 

This seems like it is apache throwing the error, not django, but I'm just 
not sure what to do to fix it.

I'm using:
Firefox 15.0.1
ReviewBoard 1.6.11
Django 1.3.3 (final)
Python 2.6.8
CentOS release 5.8 (Final)
SELinux is disabled


Request Data:

Request Headers
Accept application/json, text/javascript, */*
Accept-Encoding gzip, deflate
Accept-Language en-us,en;q=0.5
Connection keep-alive
Content-Length 48
Content-Type application/x-www-form-urlencoded; charset=UTF-8
Cookie rbsessionid=f9e5be5681ed545045d698d53ea4ff9f; (etc)
User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:15.0) 
Gecko/20100101 Firefox/15.0.1
X-Requested-With XMLHttpRequest

<title>403 Forbidden</title>
<p>You don't have permission to access /reviews/api/review-requests/1/draft/
on this server.</p>

Response Headers
Connection close
Content-Encoding gzip
Content-Length 198
Content-Type text/html; charset=iso-8859-1
Date Wed, 12 Sep 2012 20:06:53 GMT
Server Apache/2.2.3 (CentOS)
Vary Accept-Encoding

On Wednesday, September 12, 2012 1:22:31 PM UTC-6, Christian Hammond wrote:
> Hi Brian,
> Haven't seen that before. Well, first thing that stands out to me is that 
> you shouldn't need the Limit/Script lines, do I'd get rid of them.
> You can get the 403 if you don't have cookies working right.
> Which version of Review Board are you using, and which browser?
> Most browsers have built-in development tools now, and you should be able 
> to see the network activity. Can you find that, bring it up, and then 
> reproduce it? You should be able to see the headers and the 
> request/responses. If you can provide all these, it'd help me narrow it 
> down.
> Christian
> On Sep 12, 2012, at 11:24, Brian Armstrong < <javascript:>> 
> wrote:
> I am running reviewboard at the "/reviews" url of a server that handles 
> many different things. Whenever I try to edit a review it makes an ajax PUT 
> request to the API to update the item I changed.
> Here is what the "Server Error Details" shows me
> *Error Code:* 403
> *Error Text:* Forbidden
> *Request URL:* /reviews/api/review-requests/1/draft/
> *Request Data:* summary=Changing+the+summary
> This is being caused by apache2 (CentOS 5) with mod_wsgi.  The only thing 
> I get is an entry in the access log telling me the request was 403'd, 
> nothing else.
> When using curl, I can get the requests to work every time by using POST 
> instead of PUT.
> Here is the config section specific to reviewboard
> WSGIPassAuthorization On
> WSGIScriptAlias /reviews /var/reviewboard/
> <Directory /var/reviewboard/>
>     AllowOverride All
>     Options -Indexes FollowSymLinks +ExecCGI
>     Order allow,deny
>     Allow from all
>     <Limit PUT DELETE>
>         Allow from all
>     </Limit>
>     Script PUT /reviews
>     Script DELETE /reviews
> </Directory>
> # Static media for reviewboard
> Alias /reviews/media /var/reviewboard/
> Alias /reviews/errordocs /var/reviewboard/
> Alias /reviews/favicon.ico /var/reviewboard/
> I have searched the internet for hours trying to find a solution (since I 
> know 403 is the default response to PUT requests with apache), but I 
> haven't been able to find anything that works. I haven't been able to find 
> anything relevant in this mailing list either.
> Wondering if anyone has any insight...
> -- 
> Want to help the Review Board project? Donate today at 
> Happy user? Let us know at
> -~----------~----~----~----~------~----~------~--~---
> To unsubscribe from this group, send email to 
> <javascript:>
> For more options, visit this group at 

Want to help the Review Board project? Donate today at
Happy user? Let us know at
To unsubscribe from this group, send email to
For more options, visit this group at

Reply via email to