yopass sends POST requests to the backend using `content-type: text` (default, as none is specified), which freaks modsecurity out, as the MIME type of the payload should fit the content-type.

See CoreRuleSet:
```
# In case Content-Type header can be parsed, check the mime-type against
# the policy defined in the 'allowed_request_content_type' variable.
# To change your policy, edit crs-setup.conf and activate rule 900220.
SecRule REQUEST_HEADERS:Content-Type "@rx ^[^;\s]+" \
    "id:920420,\
    phase:1,\
    block,\
    capture,\
    t:none,\
    msg:'Request content type is not allowed by policy',\
    logdata:'%{MATCHED_VAR}',\
    tag:'application-multi',\
    tag:'language-multi',\
    tag:'platform-multi',\
    tag:'attack-protocol',\
    tag:'paranoia-level/1',\
    tag:'OWASP_CRS',\
    tag:'capec/1000/255/153',\
    tag:'PCI/12.1',\
    ver:'OWASP_CRS/4.3.0',\
    severity:'CRITICAL',\
    setvar:'tx.content_type=|%{tx.0}|',\
    chain"
    SecRule TX:content_type "!@within %{tx.allowed_request_content_type}" \
        "t:lowercase,\
        setvar:'tx.inbound_anomaly_score_pl1=+%{tx.critical_anomaly_score}'"
```
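The check that trips here, as an added example modelled on rule 920420 (it is neither yopass nor CRS code): it reproduces the rule's capture, lowercase and `@within` steps so the failing request can be tested without a WAF. The allowed list is a constructed approximation of the CRS default policy, and `text/plain;charset=UTF-8` is what `fetch()` sends for a string body when the caller sets no Content-Type.

```javascript
// Constructed approximation of the CRS default tx.allowed_request_content_type;
// the authoritative list lives in crs-setup.conf (rule 900220).
const ALLOWED_REQUEST_CONTENT_TYPE = [
  "application/x-www-form-urlencoded",
  "multipart/form-data",
  "text/xml",
  "application/xml",
  "application/json",
];

// Mirrors the rule's "@rx ^[^;\s]+" capture: the bare MIME type before any
// parameter such as ";charset=UTF-8". Returns null when the header is absent,
// in which case the rule never evaluates (the variable does not exist).
function extractMimeType(contentType) {
  if (typeof contentType !== "string") return null;
  const m = /^[^;\s]+/.exec(contentType);
  // The chained rule applies t:lowercase before the @within comparison.
  return m ? m[0].toLowerCase() : null;
}

// True if 920420 would add tx.critical_anomaly_score for these headers.
// `headers` is a plain object with lowercased header names (constructed input).
function wouldBlock920420(headers, allowed = ALLOWED_REQUEST_CONTENT_TYPE) {
  const mime = extractMimeType(headers["content-type"]);
  if (mime === null) return false;
  return !allowed.includes(mime);
}

// Browser default for fetch() with a string body and no explicit header.
const defaultFetchHeaders = { "content-type": "text/plain;charset=UTF-8" };

// The corrected client side: declare the type that matches the JSON payload,
// so the WAF policy and the body agree. (Hypothetical request builder.)
function buildJsonPostInit(payload) {
  return {
    method: "POST",
    headers: { "content-type": "application/json" },
    body: JSON.stringify(payload),
  };
}

// Demonstration when run directly.
console.log("default fetch header blocked:", wouldBlock920420(defaultFetchHeaders)); // true
console.log("explicit JSON header blocked:", wouldBlock920420(buildJsonPostInit({ a: 1 }).headers)); // false
```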