You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Robert Middleton <os...@gmail.com> on 2013/09/16 23:19:54 UTC
Problem committing 1.8 client to 1.8 server
I'm having problems committing from my 1.8.X client to a 1.8.3 server.
When I try to commit, I get the following error:
svn: E175013: Commit failed (details follow):
svn: E175013: POST of '/svn/!svn/me': 403 Forbidden (<url>)
I've checked with both 1.8.1 and 1.8.3.
The Apache logs show the following:
[Mon Sep 16 16:08:17 2013] [error] [client <ipaddr>] ModSecurity: Access
denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS.
[file "/opt/mod_security/10_asl_rules.conf"] [line "64"] [id "390616"] [rev
"2"] [msg "POST request must have a Content-Length header"] [severity
"WARNING"] [hostname <hostname>] [uri "/svn/!svn/me"] [unique_id <id>]
I am able to commit perfectly fine with 1.6.17, so it doesn't seem that
there is a configuration issue, but I don't know for certain. Is this a
configuration issue or a bug?
-Robert Middleton
Re: Problem committing 1.8 client to 1.8 server
Posted by Robert Middleton <os...@gmail.com>.
Ah, that makes sense now. Apache is recent(2.2.25), but the server is
using cpanel, and the configuration for that looks like it's by default
pretty locked down. I'll go update that. Thanks!
-Robert Middleton
On Mon, Sep 16, 2013 at 10:17 PM, Ben Reser <be...@reser.org> wrote:
> On Mon Sep 16 17:37:20 2013, Ben Reser wrote:
> > This looks like your mod_security configuration doesn't know about
> > chunked encoding for requests. 1.8.x now prefers to use chunked
> > encoding in requests. I'm not sure what you need to change to
> > configure mod_security to allow chunked requests but that's what you'll
> > probably want to do.
>
> Based on this it looks like you're running an out of date version of
> mod_security:
>
> http://serverfault.com/questions/65733/why-does-modsecurity-require-content-length-in-post-requests
>
Re: Problem committing 1.8 client to 1.8 server
Posted by Ben Reser <be...@reser.org>.
On Mon Sep 16 17:37:20 2013, Ben Reser wrote:
> This looks like your mod_security configuration doesn't know about
> chunked encoding for requests. 1.8.x now prefers to use chunked
> encoding in requests. I'm not sure what you need to change to
> configure mod_security to allow chunked requests but that's what you'll
> probably want to do.
Based on this it looks like you're running an out of date version of
mod_security:
http://serverfault.com/questions/65733/why-does-modsecurity-require-content-length-in-post-requests
Re: Problem committing 1.8 client to 1.8 server
Posted by Ben Reser <be...@reser.org>.
On Mon Sep 16 14:19:54 2013, Robert Middleton wrote:
> [Mon Sep 16 16:08:17 2013] [error] [client <ipaddr>] ModSecurity: Access
> denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS.
> [file "/opt/mod_security/10_asl_rules.conf"] [line "64"] [id "390616"] [rev
> "2"] [msg "POST request must have a Content-Length header"] [severity
> "WARNING"] [hostname <hostname>] [uri "/svn/!svn/me"] [unique_id <id>]
This looks like your mod_security configuration doesn't know about
chunked encoding for requests. 1.8.x now prefers to use chunked
encoding in requests. I'm not sure what you need to change to
configure mod_security to allow chunked requests but that's what you'll
probably want to do.
1.8.1 also added an option to change this behavior on the client side
if changing the above isn't an option. Setting the
http-chunked-requests setting to no should disable chunked requests and
restore the behavior that pre-1.8.x clients had with their requests.
However, I would recommend that you fix the server since there are
advantages to using chunked requests (e.g. we don't have to buffer
requests to calculate the size before starting to send the request).
This section in our Release Notes should be helpful to you:
http://subversion.apache.org/docs/release-notes/1.8.html#411-length-required