Hi,
I looked at the error log while trying to edit an arbitrary page
LyX/LyxFunctions, and when I press save in the edit form, this shows up in
the log
[Thu Mar 26 00:18:34 2009] [error] [client 201.38.240.167] ModSecurity:
Access denied with code 400 (phase 2). Pattern match
"\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:text. [id
"950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"]
[hostname "wiki.lyx.org"] [uri "/LyX/LyxFunctions?action=edit"] [unique_id
"t-bZsNTJRSsAAFdQ568AAAAB"]
It's a bit strange to me, especially as the first request that generates
the web page with the edit form looks the same, i.e.
/LyX/LyxFunctions?action=edit
The difference between the two requests could be that first one is a GET,
whereas the second one is a POST.
Any ideas?
/Christian
--
Christian Ridderström Mobile: +46-70 687 39 44
