[RESOLVED] Problem sumitting tekst <script

dysback

I have problem submitting a login form containing text "<script" in username.
My code is hosted on LAMP server, but I'm not an admin.
When tried to login to phpMyAdmin on same server with username "<script" i'm getting the same problem (no response from server).
This problem doesn't persists on Windows/IIS.
Script stops before executing first statement.
Is there anybody who experienced similar problems.

bradgrafelman

This has nothing to do with PHP and everything to do with some security extension/module that is intercepting the data before it reaches PHP.

Most likely, it's something like mod_security for Apache.

EDIT: Note that you can probably confirm this by looking at the error/access logs of the webserver you're using.

dysback

bradgrafelman;10984096 wrote:
This has nothing to do with PHP and everything to do with some security extension/module that is intercepting the data before it reaches PHP.

Most likely, it's something like mod_security for Apache.

EDIT: Note that you can probably confirm this by looking at the error/access logs of the webserver you're using.

grep mod_sec httpd.conf

gives nothing.

There's
"POST /index.php HTTP/1.1" 302 -

record created in apache's access log (302 means redirection)
first command in file:
die( "321");
is not executed.
There's no registered response in Firefox's plugin firebug
I doubt to apache but can't find mod_security.

bradgrafelman

Can you show us the list of the names of Apache modules that are enabled?

dysback

sudo ./httpd -M

Loaded Modules:
core_module (static)
authn_file_module (static)
authn_default_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authz_default_module (static)
auth_basic_module (static)
include_module (static)
filter_module (static)
log_config_module (static)
env_module (static)
setenvif_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
mime_module (static)
status_module (static)
autoindex_module (static)
asis_module (static)
cgi_module (static)
negotiation_module (static)
dir_module (static)
actions_module (static)
userdir_module (static)
alias_module (static)
so_module (static)
php5_module (shared)

bradgrafelman

If I had to guess I'd say your problem is caused by mod_filter.

I've never used this module (mainly because I'm having troubles wrapping my head around how this would even be a good idea :p), but it definitely sounds like its the culprit. You could possibly confirm this by disabling it or preventing it from filtering anything destined for a PHP script (again, can't say precisely how since I've never used the module and would just be looking at the same doc I linked to above).

dysback

thanx for assistance.
Problem is not server module.
After surfing site locally (from server using lynx) i don't have expirienced any problems.
Seems that corporate firewall blocks traffic