SmartSVN 8 Commit through http:// URL Fails

dbirdzell
dbirdzell

When a user of SmartSVN 8.6.5 on 64-bit windows attempts to commit a change to a file checked out with an http:// URL, the commit fails and the following appears in /var/log/httpd/error_log on the server:  [Mon Mar 09 10:19:37 2015] [error] [client 192.168.99.1] ModSecurity: Access denied with code 403 (phase 1). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_20_protocol_violations.conf"] [line "312"] [id "960012"] [rev "1"] [msg "POST request missing Content-Length Header."] [data "0"] [severity "WARNING"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "subversion.flemingaod.com"] [uri "/svn/projects/!svn/me"] [unique_id "VP2r@c@8yRUAAHMqXTsAAAAE"]  Has anyone else experienced this issue, and if so how did you resolve it?  Thanks very much, Douglas Birdzell Software Developer Fleming-AOD http://flemingaod.com [email]dbirdzell@flemingaod.com[/email]
 

Last updated

dbirdzell
dbirdzell

Here are the relevant server-side packages. We run our subversion server on CentOS 6.  subversion-1.8.11-1.x86_64 subversion-tools-1.8.11-1.x86_64 httpd-2.2.15-39.el6.centos.x86_64 mod_dav_svn-1.8.11-1.x86_64  I am curious to know why the server is not seeing a content-length header coming from the client.   Thanks, Dug
 
dbirdzell
dbirdzell
This also happens when committing changes to a file checked out with a https:// URL.

1-3 of 3

Reply to this discussion

You cannot edit posts or make replies: You should be logged in before you can post.