[MGNLUI-5319] Dam upload fields blocked by mod_security when using the drag&drop option Created: 13/Aug/19 Updated: 18/Aug/21 |
|
| Status: | Accepted |
| Project: | Magnolia UI |
| Component/s: | None |
| Affects Version/s: | 5.7.4, 6.1.1 |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Neutral |
| Reporter: | Mercedes Iruela | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 3 |
| Labels: | maintenance | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
|
||||
| Issue Links: |
|
||||
| Template: |
|
||||
| Acceptance criteria: |
Empty
|
||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||
| Date of First Response: | |||||
| Epic Link: | Support | ||||
| Story Points: | 3 | ||||
| Description |
|
When then drag and drop functionality a wrong request is sent: Content-Type=multipart/form-data So when mod_security is active the request is blocked and the following error is returned because there is no boundary included in the request, this boundary is expected to be added to a multipart request. (https://www.w3.org/Protocols/rfc1341/7_2_Multipart.html). ...ModSecurity: Multipart parsing error (init): Multipart: Boundary not found in C-T. [hostname "magnolia3.portal.at"] [uri ".../.magnolia/admincentral/APP/UPLOAD/0/200/rec-4/394f45b3-3c15-4bfa-956f-08512c65a55d"] [unique_id "XUvDdywTZpuUHMBtIWpOnAAAADo"] In case of Upload button, the request is sent correctly. Should that upload even have the form content type in the first place? |