The following issue has been SUBMITTED. ====================================================================== https://cmake.org/Bug/view.php?id=15774 ====================================================================== Reported By: Derek Bruening Assigned To: ====================================================================== Project: CMake Issue ID: 15774 Category: CTest Reproducibility: always Severity: block Priority: low Status: new ====================================================================== Date Submitted: 2015-10-07 17:49 EDT Last Modified: 2015-10-07 17:49 EDT ====================================================================== Summary: CTest result submission over http fails to set Content-Type header which runs afoul of ModSecurity rules Description: On some web hosting providers, ModSecurity rules are in place that prevent using CTest with a CDash installation on that provider. The particular rule looks like this (pieces removed for anonymity):
ModSecurity: Access denied with code 406 (phase 2). Match of "rx ^0$" against "REQUEST_HEADERS:Content-Length" required. [msg "Request Containing Content, but Missing Content-Type header"] [uri "/CDash/submit.php"] CTest runs show this error: Submit files (using http) Using HTTP submit method Drop site:http://<mysite>/CDash/submit.php?project=<myproject> Error when uploading file: <mypath>/Testing/20151005-0900/Build.xml Error message was: The requested URL returned error: 406 Not Acceptable Problems when submitting via HTTP The same 406 error is seen using curl -T: # curl -T <mypath>/Testing/20151007-0900/Build.xml http://<mysite>/CDash/submit.php?project=<myproject> <head><title>Not Acceptable!</title></head><body><h1>Not Acceptable!</h1><p>An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.</p></body></html> These hosting providers do not allow any method of disabling particular rules or ModSecurity in general. While we can debate the merits of this rule, it is simple to work around by providing a Content-Type header. E.g., curl -d works: # curl -d @<mypath>/Testing/20151007-0900/Build.xml http://<mysite>/CDash/submit.php?project=<myproject> <cdash version="2.2.2"> <status>OK</status> <message></message> <md5>...</md5> </cdash> ====================================================================== Issue History Date Modified Username Field Change ====================================================================== 2015-10-07 17:49 Derek Bruening New Issue ====================================================================== -- Powered by www.kitware.com Please keep messages on-topic and check the CMake FAQ at: http://www.cmake.org/Wiki/CMake_FAQ Kitware offers various services to support the CMake community. For more information on each offering, please visit: CMake Support: http://cmake.org/cmake/help/support.html CMake Consulting: http://cmake.org/cmake/help/consulting.html CMake Training Courses: http://cmake.org/cmake/help/training.html Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Follow this link to subscribe/unsubscribe: http://public.kitware.com/mailman/listinfo/cmake-developers
