stackoom
  简体   繁体   中英

Mod_security 406 with a '~' in the URL

 原文  2015-10-29 00:40:49       php

Question

I get a 406 Not Acceptable error while having a URL similar to this: 

www.example.com/search/find?q=YSBkZXJwIGZyb20gZGVycA~

and it seems to be due to the singular ~ character. I have to base64_encode() it, using this function: 

function base64_url_encode($string = null) {
    return strtr(base64_encode($string), '+/=', '-_~');
}

Because the normal base64 encode generates an un-parseable URL.

I've had a look around and came across this answer: PHP/Apache Error:406 Not Acceptable

Which says to disable Mod_Security with: 

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

I know I'll have to probably find a different rewrite for the function above, but how could I fix this as to not receive the error again, if there is any way?

1 answers

solution1
 1 ACCPTED  2015-10-29 02:02:29

Instead of replacing = characters with ~ , just remove them entirely. This is a common approach , and will not prevent values from being decoded.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question What causes mod_security 406 Not Acceptable when POSTing data? Issue with ResourceSpace app and mod_security Installing mod_security on EC2 Detect if Mod_Security Is Installed With PHP? php shared host and mod_security How to disable mod_security and mod_security2 in .htaccess How to enable mod_security on Windows 2008 IIS Apache error 500 on large file uploads (mod_security) apache mod_security says - Access Denied error How to write mod_security friendly PHP code?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM