I'm using an extension https://www.opencart.com/index.php?rout ... _license=0 the developer has not responded to issues in over a year. This mod offers the ability to edit mods scripts in the admin panel.
My issue is since the latest OC 3 update, this mod is unable to save any modifications that have <script></script> in it. I know it may be hard to offer input with just that, but just looking for ideas of what I could look at to try and resolve this, or what info you may need to help me figure this out.
That's more likely a change on your web server.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
I would agree with the above. Extension works just fine.
-
VIEW ALL EXTENSIONS * EXTENSION SUPPORT * WEBSITE * CUSTOM REQUESTS
Thanks. You were right. Once again modsecurity reared its ugly head. I had to disable 3 rules to allow the following to flow "<script></script>" and "window.onload = function()". Does anyone know how to disable the rule only when it's coming from a specific url instead of disabling it all together?
v3.0.4.0 php 8.1
I'm here for a reason, if your response is contact a/the developer, just don't reply.
you could try this for specific urls:Joe1234 wrote: ↑Tue Apr 01, 2025 1:17 pmThanks. You were right. Once again modsecurity reared its ugly head. I had to disable 3 rules to allow the following to flow "<script></script>" and "window.onload = function()". Does anyone know how to disable the rule only when it's coming from a specific url instead of disabling it all together?
Code: Select all
SecRule REQUEST_BASENAME "@beginsWith /url_to_exclude" "id:x,ctl:ruleEngine=Off"
or off only for the entire admin directory:
Code: Select all
<Directory "/admin">
<IfModule security2_module>
SecRuleEngine Off
</IfModule>
</Directory>
Code: Select all
<Directory "/admin">
<IfModule security2_module>
SecRuleEngine DetectionOnly
</IfModule>
</Directory>
Code: Select all
<Directory "/admin">
<IfModule security2_module>
SecRuleRemoveById xxxxxxxxx
</IfModule>
</Directory>
@nonnedelectari, thank, I'll try that as soon as I get a chance.
@paul and grgr, what made you say server issue? I would have never thought that, so in case something else pops up in the future, I'd like to know the thought process.
@paul and grgr, what made you say server issue? I would have never thought that, so in case something else pops up in the future, I'd like to know the thought process.
v3.0.4.0 php 8.1
I'm here for a reason, if your response is contact a/the developer, just don't reply.
Who is online
Users browsing this forum: No registered users and 11 guests
