[wp-testers] .htaccess tweak re mod_security and image upload using
Windows Firefox
Philip Barron
delcyphr at gmail.com
Tue Mar 25 17:03:13 GMT 2008
Testing the March 25 nightly build, image uploading failed using
Firefox (latest) on Windows.
My server has mod_security enabled. Error message:
"An error occurred in the upload. Please try again later."
Debug report from Firefox/Windows:
SWF DEBUG: Event: uploadError: HTTP ERROR : File ID: SWFUpload_0_0.
HTTP Status: 406.
SWF DEBUG: Event: uploadComplete : Upload cycle complete.
I searched and found an .htaccess workaround to coax mod_security to
look the other way and ignore the Flash header problem, without disabling
mod_security overall:
http://forum.joomla.org/viewtopic.php?f=428&t=267886&st=0&sk=t&sd=a&sid=df1beece3831ff92e138f5ead8852af3&start=30#p1229033
I added this to .htaccess:
<IfModule mod_security.c>
SetEnvIfNoCase Content-Type \
"^multipart/form-data;" "MODSEC_NOPOSTBUFFERING=Do not buffer file uploads"
</IfModule>
<IfModule mod_gzip.c>
mod_gzip_on No
</IfModule>
Result: Image uploaded successfully using Firefox/Windows with no errors and
without disabling mod_security.
Mac note: This has no effect on image uploading using Firefox on Mac, which is
currently successful as is though with one error message
("Specified file failed upload test.")
Question: Would it be too kludgy to have WP append .htaccess in this way?
Also: I haven't tested this with other browsers.
all best,
phil
More information about the wp-testers
mailing list