我正在尝试将图像上传到Web服务器。并收到错误:403。所以我检查了Apache日志,日志中有这个错误:
ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/cwaf/rules/13_HTTP_Protocol.conf"] [line "30"] [id "210240"] [rev "4"] [msg "COMODO WAF: Multipart request body failed strict validation: PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0||my_web_server.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "my_web_server.com"] [uri "/projects/BoLe/api/saveimage.php"] [unique_id "XDaxYXuIw@DonQukuLB6swAAAAs"]
根据this site,我的请求有MULTIPART_BOUNDARY_QUOTED
错误,我尝试使用Google进行搜索,但我仍然不知道发生了什么。因此,我使用wireshark
检查数据包
|%ÝrÜðÕ¿wëE%6@QÔ¬[ggféP3)¯W^P@)îù
POST /projects/BoLe/api/saveimage.php HTTP/1.1
Host: massmodules.com
Accept-Encoding: gzip, identity
Connection: Keep-Alive, TE
User-Agent: BestHTTP
Content-Type: multipart/form-data; boundary="8A317780"
Content-Length: 306
|%ÝrÜðÕ¿wëEZ%7@Q¬[ggféP3)°@^P@)õ`--8A317780
Content-Disposition: form-data; name="fileName"
Content-Type: text/plain; charset="utf-8"
Content-Length: 17
i_am_fileName.png
--8A317780
Content-Disposition: form-data; name="fileName2"
Content-Type: text/plain; charset="utf-8"
Content-Length: 18
i_am_fileName2.png
--8A317780--
有人可以帮我解决这个问题吗?
答案 0 :(得分:0)
触发错误的规则是这样的:
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
这在错误消息中可见:
PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0
⬆⬆⬆⬆
问题在于内容类型标题中有引号
Content-Type: text/plain; charset="utf-8"
⬆ ⬆