Hello,
I know my problem is not really a Plone issue, but I would be greatful for any pointers to help me resolve it.
We are running Plone behind an Apache web server with mod_security, and mod_security doesn't like cookies created by Plone when the Copy or Cut button is pressed.
The web browser immediately returns an http 400 error and I have to close the browser and restart it to access any pages on the site.
The mod_security rule concerned is "960018" which indicates there is character inside the cookie outside range: 1-255. Probably a null character?
The problem I have has already been reported in Plone ticket 5306
https://dev.plone.org/plone/ticket/5306 which I appreciate has a status of "closed bug:wontfix"
But.... is there anything I can do to patch Plone to fix this, or is the only option to disable the offending mod_security rule?
I'm reluctant to do that because the security rules are there for a reason...
Best Regards,
jlawson
Problem with mod_security
