dpy3846 2010-01-19 08:21
浏览 670
已采纳

表单提交时出现错误403

I've got a problem with a form in the administration area of my website. I use it for changing the displayed HTML text, it is written in PHP and connects to a MySQL database.

echo "<form action=\"index.php?kat=infos&aktion=upd&kategorie=$kategorie\" method=\"POST\" enctype=\"application/x-www-form-urlencoded\">
";
echo "<table border=\"0\">
";
echo "<b>$kategorie</b>
";
echo "<tr><td><b>Information:</b></td><td><textarea name=\"info\" cols=\"50\" rows=\"7\">$info</textarea></td></tr>
";
echo "<tr><td><input type=\"submit\" value=\"Editieren\" /></td></tr>
";
echo "</table>
";
echo "</form>
";

If i enter some small sentences like "This is a test text only." and click the submit-button, the index.php accepts the data and inserts it into the database just as it should. But if I enter a longer text like the disclaimer from http://www.juraforum.de/disclaimer_muster/ I get a Error 403 on form submit. I do not think it is because of the longer text, because if I write some longer random text in there it works, too.

I hope you can help me with this one.

  • 写回答

7条回答 默认 最新

  • douling0053 2010-01-19 08:48
    关注

    The 403 Status Code means:

    10.4.4 403 Forbidden

    The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.

    The disclaimer seems to contain several HTML tags and they apparently get printed unescaped on the page.

    My wild guess is that there's a piece of software installed on the server (possibly mod_security) that rejects the input because it considers it's an attempt to perform a XSS attack. You can confirm (or reject) this hypothesis by temporarily removing the < and > symbols before pasting it into the textarea.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(6条)

报告相同问题?

悬赏问题

  • ¥15 如何在scanpy上做差异基因和通路富集?
  • ¥20 关于#硬件工程#的问题,请各位专家解答!
  • ¥15 关于#matlab#的问题:期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707,使系统具有较小的超调量
  • ¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
  • ¥30 截图中的mathematics程序转换成matlab
  • ¥15 动力学代码报错,维度不匹配
  • ¥15 Power query添加列问题
  • ¥50 Kubernetes&Fission&Eleasticsearch
  • ¥15 報錯:Person is not mapped,如何解決?
  • ¥15 c++头文件不能识别CDialog