{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Evening l夕情丶 的问题《Error 403 triggered when posting URL's via for》','https://www.manongdao.com/q-641517.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am encountering a 403 Forbidden error when posting URL's via a form using PHP on an apache shared host.
From an existing question ( Error 403 on form submit ) this is most likely caused by mod_security installed on the server.
As I am using shared hosting, I'm not able to disable the module easily, so I implemented a JavaScript solution to strip the http:// before posting the data.
This worked for a while, but unfortunately, the error is still being triggered by some longer url's.
Are there any further methods I can use to cleanse the URL before posting it so that it won't trigger a security module like this?
I have had a similar issue and what I did was ask my hosting provider to add an exclusion to mod_security for that specific page, and it was fixed. The alternative was to disable mod_security, which they did not want to do :)
Another thing you might try is having a Javascript action on the submit buttons, which does a base64 encode of the URL, and then submits the form with that encoded value. Then, on the server side, you decode it.
Hope this helps.