On Aug 20, 4:14 pm, Jose San Leandro <[email protected]> wrote: > 20090820-13-CCC.error.log:[Thu Aug 20 15:52:35 2009] [error] [client > XXX.XXX.XXX.XXX] ModSecurity: Access denied with code 403 (phase > 2). Match of "rx > (^application/x-www-form-urlencoded$|^multipart/form-data;)" against > "REQUEST_HEADERS:Content-Type" required. [hostname > "myhostname"] [uri > "/myapp?&action=1720%3A7788E2EBCFA734D1789C8E3F28E7AC99"] [unique_id > "EGR7IgosgrYAAG2jNP4AAAAb"]
We need to send a proper Content-type header with AJAX requests to please mod_security. > I'll take a closer look at the offending rule and post my conclusions. > I'm wondering if there's some previous research already done on this > topic (i.e. which mod-security rules are incompatible with weblocks). Not here. :) Leslie --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "weblocks" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/weblocks?hl=en -~----------~----~----~----~------~----~------~--~---
