ZF-3017: Missing header trigger mod_security

Issue Type:
Bug
Created:
2008-04-01T14:04:59.000+0000
Last Updated:
2008-07-23T04:03:31.000+0000
Status:
Resolved
Fix version(s):
  • 1.5.3 (28/Jul/08)
Reporter:
Teemu Välimäki (cred)
Assignee:
Matthew Weier O'Phinney (matthew)
Tags:
  • Zend_XmlRpc_Client
Related issues:
Attachments:

Description

With default mod_security 2.5 Core Rules this happens: modsecurity_crs_21_protocol_anomalies.conf"] [line "41"] [id "960015"]

The problem is a missing Accept header. I solved the problem by adding 'Accept: text/xml' to Zend/XmlRpc/Client.php on line 226.


        $http->setHeaders(array(
            'Content-Type: text/xml; charset=utf-8',
            'User-Agent: Zend_XmlRpc_Client',
            'Accept: text/xml'
        ));

Comments

Posted by Matthew Weier O'Phinney (matthew) on 2008-05-09T12:03:50.000+0000

Scheduling for next mini release

Posted by Matthew Weier O'Phinney (matthew) on 2008-07-23T04:03:30.000+0000

Header added in trunk and 1.5 and 1.6 release branches.