Re: HTTP 413,417 instead of 400?

What versions of Apache and ModSecurity are you using?  As reference,
you can also look at this previous thread on this topic -
http://thread.gmane.org/gmane.comp.apache.mod-security.user/3286/focus=3
300

-Ryan 

> -----Original Message-----
> From: mod-security-users-bounces <at> lists.sourceforge.net [mailto:mod-
> security-users-bounces <at> lists.sourceforge.net] On Behalf Of Vinci
> Sent: Sunday, May 04, 2008 12:50 PM
> To: mod-security-users <at> lists.sourceforge.net
> Subject: [mod-security-users] HTTP 413,417 instead of 400?
> 
> Hi all,
> 
> I am trying to testing my server ability with the mod_security.
> While testing, I found double Content-Length will give me http 413
> instead of http 400, which I found in both access log and audit log;
> but the browser give me http 413
> (This appear in another server as well)
> 
> Also, same condition appear in Expect attack, 417 received instead of
> 400, which I trying to insert javascript code in the Expect header
> field.
> 
> Can anybody give me explanation? I am using the default rule set with
> default setting only.
> 
> Thank you,
> Vic
> 
>
------------------------------------------------------------------------
-
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
> Don't miss this year's exciting event. There's still time to save
$100.
> Use priority code J8TL2D2.
>
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/j
av
> aone
> _______________________________________________
> mod-security-users mailing list
> mod-security-users <at> lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/mod-security-users

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone