406不接受错误GET参数问题? [英] 406 Not Acceptable error GET parameter issue?
问题描述
谁能告诉我,为什么下面的URL返回406错误:
<$p$p><$c$c>http://kolek.to/functions/remote-upload.php?url=http%3A%2F%2Fben-major.co.uk%2Fhosting%2Fbm-equipment%2Faxe-2.jpg&item_id=2?
删除 URL =
参数似乎让一切罚款:
http://kolek.to/functions/remote-upload.php?item_id=2
有关您参考,远程upload.php的
的内容如下:
&LT; PHP
require_once(../型号/ api.php');
$ request_url = urlde code($ _ REQUEST ['URL']);
$ ITEM_ID = $ _REQUEST ['ITEM_ID'];
回声$ ITEM_ID;
?&GT;
我认为,这是由于从您的服务器(我在响应报头中看到的Apache)保安过滤器。
在你的情况是Apache的的mod_security
在默认情况下开启。虽然你可以使用以下方法来诊断问题在服务器上运行此命令(打开过滤器关闭应解决的问题):
SecFilterEngine关闭
但可以这样做只是检查,如果问题是保安过滤器,我劝阻离开过滤掉(注射和垃圾邮件攻击的危险)。
如果你看到的是这样的过滤器,这是问题的原因,尽量把你的要求在白名单: 在这里你可以找到指导<一href="http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N101ED" rel="nofollow">http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N101ED
Can anyone please tell me why the following URL returns a 406 error:
http://kolek.to/functions/remote-upload.php?url=http%3A%2F%2Fben-major.co.uk%2Fhosting%2Fbm-equipment%2Faxe-2.jpg&item_id=2
Removing the ?url=
parameter seems to make everything fine:
http://kolek.to/functions/remote-upload.php?item_id=2
For your reference, the content of remote-upload.php
is as follows:
<?php
require_once('../models/api.php');
$request_url = urldecode($_REQUEST['url']);
$item_id = $_REQUEST['item_id'];
echo $item_id;
?>
I think that this is due to the security filter from your server (I see in the response header that is Apache).
In your case is Apache mod_security
that is turned on by default. While you can use the following to diagnose the problem (turning the filter off should resolve the issue) by running this command on the server:
SecFilterEngine off
BUT do this only for checking if the problem is the security filter, I discouraged to leave the filter off (danger of injection and spam attacks).
If you see that is the filter that is the cause of the problem, try to put your request in the whitelist: here you can find the guide http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N101ED
这篇关于406不接受错误GET参数问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!