406不接受错误GET参数问题？ [英] 406 Not Acceptable error GET parameter issue?

问题描述

谁能告诉我，为什么下面的URL返回406错误：

<$p$p><$c$c>http://kolek.to/functions/remote-upload.php?url=http%3A%2F%2Fben-major.co.uk%2Fhosting%2Fbm-equipment%2Faxe-2.jpg&item_id=2

？

删除 URL = 参数似乎让一切罚款：

  http://kolek.to/functions/remote-upload.php?item_id=2
 

有关您参考，远程upload.php的的内容如下：

 ＆LT; PHP
require_once（../型号/ api.php'）;
$ request_url = urlde code（$ _ REQUEST ['URL']）;
$ ITEM_ID = $ _REQUEST ['ITEM_ID'];
回声$ ITEM_ID;
？＆GT;
 

解决方案

我认为，这是由于从您的服务器（我在响应报头中看到的Apache）保安过滤器。

在你的情况是Apache的的mod_security 在默认情况下开启。虽然你可以使用以下方法来诊断问题在服务器上运行此命令（打开过滤器关闭应解决的问题）：

  SecFilterEngine关闭
 

但可以这样做只是检查，如果问题是保安过滤器，我劝阻离开过滤掉（注射和垃圾邮件攻击的危险）。

如果你看到的是这样的过滤器，这是问题的原因，尽量把你的要求在白名单： 在这里你可以找到指导<一href="http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N101ED" rel="nofollow">http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N101ED

Can anyone please tell me why the following URL returns a 406 error:

http://kolek.to/functions/remote-upload.php?url=http%3A%2F%2Fben-major.co.uk%2Fhosting%2Fbm-equipment%2Faxe-2.jpg&item_id=2

Removing the ?url= parameter seems to make everything fine:

http://kolek.to/functions/remote-upload.php?item_id=2

For your reference, the content of remote-upload.php is as follows:

<?php
require_once('../models/api.php');
$request_url = urldecode($_REQUEST['url']);
$item_id = $_REQUEST['item_id'];
echo $item_id;
?>

解决方案

I think that this is due to the security filter from your server (I see in the response header that is Apache).

In your case is Apache mod_security that is turned on by default. While you can use the following to diagnose the problem (turning the filter off should resolve the issue) by running this command on the server:

SecFilterEngine off

BUT do this only for checking if the problem is the security filter, I discouraged to leave the filter off (danger of injection and spam attacks).

If you see that is the filter that is the cause of the problem, try to put your request in the whitelist: here you can find the guide http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N101ED

这篇关于406不接受错误GET参数问题？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！