xhr file upload rejected - invalid multipart boundry
Hello, I'm having problems getting an xhr file upload to work using the kitchen sink sample code. works ok to my localhost but on the live server it is being rejected by apache mod_security due to a malformed multipart boundry which results in a 400 bad request error being returned.
This is from the server error log…
[05/Apr/2010:14:16:40 +0100] [www.domain.com/sid#1e4c8e90][rid#1f99d218][/php/post.php][2] Multipart parsing error (init): Multipart: Invalid boundary in C-T (malformed).
[05/Apr/2010:14:16:44 +0100] [www.domain.com/sid#1e4c8e90][rid#1f99d218][/php/post.php][1] Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_PROCESSOR_ERROR" required. [file "/usr/local/apache/conf/modsec/modsecurity_crs_20_protocol_violations.conf"] [line "31"] [id "960912"] [msg "Request Body Parsing Failed. Multipart: Invalid boundary in C-T (malformed)."] [severity "CRITICAL"]
is this a bug or something i can work around?
any help much appreciated.
2 Answers
-
just for info i got round this by moving the website to another host. it looked like a problem with modsecurity which i couldn't easily work around.
whilst looking for a solution i came accross others who have had similar issues with multipart posts from applications where modsecurity threw the error because it didn't expect the charset property in the content-type header. Might that be the case with the way titanium generates the multipart headers?
-
(2 years later… ;-)
We had the same issue and this solved it: http://www.nimrodgat.com/2010/05/iphone-image-upload-modsecurity.html
Hope that can help some of you guys.
Cheers