[英]mod_security (Apache) confrom multipart/form-data request in C#
在我的服务器上运行了大约三年的php脚本。 我用它上传照片。 该脚本通过C#程序进行寻址。 到目前为止,一切都进行得很顺利,但是一个月以来,托管服务商已经为Apache安装了mod_security,并且不再起作用。 我总是收到此错误:
[client 80.187.126.54] ModSecurity: Access denied with code 400 (phase 2).
Match of "eq 0" against "REQBODY_ERROR" required.
[file "/etc/httpd/conf.d/mod_security.conf"] [line "16"] [id "200001"]
[msg "Failed to parse request body."] [data "Multipart parsing error:
Multipart: Invalid Content-Disposition header (-11):
form-data; name=file; filename=20180417_090524_X-H1_4930.jpg; filename*=utf-8''20180417_090524_X-H1_4930.jpg."]
[severity "CRITICAL"] [hostname "myhost.com"] [uri "/manage/api1/api.php"] [unique_id "Wz3bfi6fodp1DjmLF6Jq8AAAABM"]
这是我经常使用的c#代码:
string result = "";
var requestUri = new Uri(MyHost.API_URL);
NameValueCollection formData = new NameValueCollection
{
{"albumid", album.ID.ToString()}
};
var cancellationToken = CancellationToken.None;
using (var multiPartContent = new MultipartFormDataContent("---------------------------" + DateTime.Now.Ticks.ToString("x")))
{
#region Build Request Content
multiPartContent.Headers.Add("Reqtype", "uploadimage");
foreach (string key in formData)
{
multiPartContent.Add(new StringContent(formData[key]), key);
}
FileStream fileStream = new FileStream(mediaItem.LocalPath, FileMode.Open, FileAccess.Read);
StreamContent streamContent = new StreamContent(fileStream);
multiPartContent.Add(streamContent, "file", mediaItem.LocalName);
streamContent.Headers.ContentType = new MediaTypeHeaderValue("image/jpg");
#endregion
#region creates HttpRequestMessage object
HttpRequestMessage httpRequest = new HttpRequestMessage
{
Method = HttpMethod.Post,
RequestUri = requestUri,
Content = multiPartContent
};
#endregion
#region Send the request and process response
// Send Request
HttpResponseMessage httpResponse = null;
try
{
cancellationToken.ThrowIfCancellationRequested();
HttpClient httpClient = new HttpClient
{
Timeout = TimeSpan.FromSeconds(300)
};
httpClient.DefaultRequestHeaders.Add("Authorization", "Bearer " + MyHost.AccessToken);
httpResponse = httpClient.SendAsync(httpRequest, cancellationToken).Result; //(httpRequest, cancellationToken).ConfigureAwait(false);
HttpStatusCode statusCode = httpResponse.StatusCode;
if (statusCode != HttpStatusCode.OK)
{
string errorResponse = httpResponse.Content.ReadAsStringAsync().Result; //ConfigureAwait(false);
throw new Exception(errorResponse);
}
}
finally
{
if (httpResponse != null)
{
result = httpResponse.Content.ReadAsStringAsync().Result;
JsonResponse ReqImg1 = JsonGenerator.GetCommonResponse(result/*MyReq.RespMessage.ResponseString*/);
if (ReqImg1.status == "200 OK")
{
JsonImageListResponse resp = JsonGenerator.GetImageFromJsonResponse(result);
mediaItem.link = resp.response.link;
}
else
{
//TODO log
}
httpResponse.Dispose();
}
}
return mediaItem;
#endregion
}
片刻之际,我不知道该怎么做才能使其正常工作。
我认为问题可能出在您的标题中:
filename*=utf-8''20180417_090524_X-H1_4930.jpg."
其他帖子也提到了base_64对图像进行编码。
禁止这样做,但并非如此,但是您可以要求托管服务提供商在mod_security中禁用此规则:
SecRule REQBODY_ERROR "!@eq 0" \
"id:'...', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
对于我的问题,我暂时已经卸载了mod_security,因为相关的RFC允许发生故障的事情。 如果时间允许,会进行更多研究。 目前,我的脚本可以再次使用。
如何从C#提交multipart / form-data HTTP POST请求
[英]How to submit a multipart/form-data HTTP POST request from C#
C#中是否有任何multipart / form-data解析器 - (NO ASP)
[英]Are there any multipart/form-data parser in C# - (NO ASP)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.