NormanDunbar wrote:Hi Rob, just noticed this post on the forum. Bwinkle is having the same 403 error inserting code into a post on the forum. viewtopic.php?f=3&t=3193&p=36792#p36792 -- might be related?
P.S. qlforum wouldn't let me insert the code this time so I had to use pictures...kept giving me this page:
403.png
It's a weird error as some code will post but others won't. I tried a 5 line snippet of C code in a forum Code block and it gave me that 403 page. When I took the 'i' in 'if' out it posted (or the 'f' in 'if') but not otherwise. However, it wasn't the 'if' that caused it since elsewhere I could get an 'if' to work, just one of many examples. So I reverted to screen images instead. Never had issues with a Code block before (C or BASIC).
There are currently similar 403 errors on the QL Wiki, which is currently being investigated. The fact that you see them on the Forum too was what I was bringing to Rob's attention. Rob has guru level skills and access, which I don't have. (And don't need!).
Cheers,
Norm.
Why do they put lightning conductors on churches?
Author of Arduino Software Internals
Author of Arduino Interrupts
robheaton wrote:I'm going to take a copy of the QLWiki and load it on a local server and see if i can work out what is going on.
In the logs I have access to on the live system, there are no errors shown in the logs, so we don't have a lot to go on.
Work is pretty hectic at the moment, but I'm hoping to do this over the next few days, just hope it leads us somewhere!
Hi Rob,
I thought this may be helpful information to you in debugging the 403 error on code inclusion in qlforum: it kooks like it crashes (i.e. goes to the 403 page) when an "if" is used in the code listing (C source code for me...haven't tried it with BASIC). I substituted the character "i" with the ASCII character code 141 (which sort of looks like an "i") where I had and "if" and that seemed to have worked.
https://QXL.WIN
Collector of QL related computers, accessories and QL games/software.
Ask me about felt pads - I can cut them to size and they have proven excellent for mdv data recovery.
I think you might be on to something there chr$. I just ran a test with a code block containing the text "if x = 1 then" and it previewed quite happily. I changed that to "if ?x = 1? then" and it gave me a huge 403 Forbidden page. Adding spaces before and/or after the opening bracket made no difference.
Even in the plain text part it barfs with parenthesis, I had to change the opening and closing brackets in the example to question marks to be able to post this reply!!!!
Thanks for finding that one, it looks like it's an old old "bug" though, some of the responses are dated 2009!
I'll make sure the admins know -- but I suspect they already have read your post.
Cheers,
Norm.
Why do they put lightning conductors on churches?
Author of Arduino Software Internals
Author of Arduino Interrupts
I had a look through that post and I tried the insecure fix as a quick test.
This broke the hosting for both the forum and wiki, just resulting in server errors.
I’ve undone this and the forum and wiki are working again, I’ll raise a support ticket with the web host, as there are no options in the control panel for mod_security.
Certainly worth exploring, thanks for the link Chr$
--
If vanpeebles parps in the woods and there is nobody around, does it make a sound?
robheaton wrote:I had a look through that post and I tried the insecure fix as a quick test.
This broke the hosting for both the forum and wiki, just resulting in server errors.
I’ve undone this and the forum and wiki are working again, I’ll raise a support ticket with the web host, as there are no options in the control panel for mod_security.
Certainly worth exploring, thanks for the link Chr$
Thanks Rob and Norm.
https://QXL.WIN
Collector of QL related computers, accessories and QL games/software.
Ask me about felt pads - I can cut them to size and they have proven excellent for mdv data recovery.
robheaton wrote:Just a quick update confirming this has been fixed!
It was an issue with mod_security as Chr$ suggested!
It still doesn't seem to work for me. I refreshed the page, logged out and in again and still get the 403. Should I try something else, like delete related cookies or something?
https://QXL.WIN
Collector of QL related computers, accessories and QL games/software.
Ask me about felt pads - I can cut them to size and they have proven excellent for mdv data recovery.
