It seems like my shared host provider is detecting the presence of "http://www" or "http%3A%2F%2Fwww" in any get request and serving up a 403 page.
I also get an 'in addition' error..."Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."
This only happens with this string. If I change it to something else the get is successfully submitted and the target page successfully returned.
If it helps I'm writing a QR code getter, so the ability to submit urls is quite important.
Also, strangely I can submit a url as long as it doesn't have 'www' in it. I can also submit 'www' as long as it isn't preceded by 'http://' (or the encoded version)
edit: Just to confirm this wasn't a specific problem with the page I was writing, I went to another page on my website that uses get request and manually inserted the string. This also generates the 403 error.
Answers
Request to remove this strange security feature or "ModSecurity" of your account from your provider (Hosting Provider).
Don't send urls with http://www in URL. For example replace https%3A%2F%2F to https:// before sending data PHP.
No comments:
Post a Comment