Welcome, Guest
Username: Password: Remember me

TOPIC: Bad Request: Unable to save edited templates/emails/ or send emails

Bad Request: Unable to save edited templates/emails/ or send emails 2 years 9 months ago #71317

  • rkenley
  • rkenley's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 3
  • Karma: 0
I am a new user. Everything is working fine, except I can't edit the templates or use the email functions. I have built a survey and tested it. I just can't invite users or change the template.

With email, I cannot save any changes to the default. When I click save, I get:
"Bad Request
Your browser sent a request that this surver could not understand
Cleint sent malformed Host header"

I get the same error if I try to save a change to a template (actually I copied the template OK, but can't save changes to the copy).

I have opened up write access to tmp and upload directories (and subdirectories) in case that was the problem - no change.

I also can't send email. I get the same error:
"Bad Request
Your browser sent a request that this server could not understand.
Client sent malformed Host header"

I have searched for a thread on this, but to no avail.

My system is 1.91+ (upgraded using the patch for comfortable upgrade)
My server (Linux, hosted) complies with the minimum requirements.

Any ideas?
The administrator has disabled public write access.

Aw: Bad Request: Unable to save edited templates/emails/ or send emails 2 years 8 months ago #71321

  • Steve
  • Steve's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 494
  • Thank you received: 46
  • Karma: 17
Hello,

perhaps something went wrong with the upgrade. You could try to install a clean installation of LimeSurvey to check if this solves the problem or not.

An other problem could be the upload of the LimeSurvey installation. Did you upload the files via FTP and was binary mode enabled? (See docs.limesurvey.org/Installation#Upload_...s_to_your_web_server )

If the header is malformed it might also be an idea to check what's wrong with the header (e.g. using a web development toolbar like Firebug to check what headers where sent).
Mit freundlichen Grüßen/Best regards,

Stefan Gohlke
LimeSurvey Team
The administrator has disabled public write access.

Re: Aw: Bad Request: Unable to save edited templates/emails/ or send emails 2 years 8 months ago #71324

  • rkenley
  • rkenley's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 3
  • Karma: 0
Thanks.
The software is an internal install managed by my host - it is auto generated. I installed 1.91 and that did not work. I then uninstalled and reinstalled. Same problem.Then I upgraded to 1.91+ to no avail.
I will investigate Firebug - but I am starting to wonder if I should do a clean install myself and remove the in-built install.
The administrator has disabled public write access.

[SOLVED] Re: Aw: Bad Request: Unable to save edited templates/emails/ or send 2 years 8 months ago #71358

  • rkenley
  • rkenley's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 3
  • Karma: 0
Problem solved.
The problem was security on the server, as follows:
______________________
We have identified the problem with ausi.com.au and have fixed it.

Our security on the server was detecting a Cross-site scripting (XSS)
attack.

This was caused because the developers of the software, LimeSurvey were
sending plain HTML in forms making the form submission look like an XSS
attack.

We have added your site ausi.com.au to the whitelist for the rules that
were blocking LimeSurvey.
The administrator has disabled public write access.

Re: [SOLVED] Re: Aw: Bad Request: Unable to save edited templates/emails/ or send 2 years 8 months ago #71617

  • Mazi
  • Mazi's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 5325
  • Thank you received: 296
  • Karma: 249
rkenley wrote:
Our security on the server was detecting a Cross-site scripting (<a href='docs.limesurvey.org/tiki-index.php?page=...al+settings#Security'>XSS</a>)
attack.

This was caused because the developers of the software, LimeSurvey were
sending plain HTML in forms making the form submission look like an <a href='docs.limesurvey.org/tiki-index.php?page=...al+settings#Security'>XSS</a>
attack.

We have added your site ausi.com.au to the whitelist for the rules that
were blocking LimeSurvey.
Please open a bug report for this at our bugtracker so our developer can have a look (though I doubt this is a real problem because no one has reported that before).

Best regards/Beste Grüße,
Dr. Marcel Minke
(Limesurvey Head of Support)
Need Help? We offer professional Limesurvey support
Contact: marcel.minke(at)limesurvey.org'"
The administrator has disabled public write access.

Bad Request: Unable to save edited templates/emails/ or send emails 8 months 3 weeks ago #103158

  • mas_carpone
  • mas_carpone's Avatar
  • OFFLINE
  • Expert Lime
  • Posts: 112
  • Thank you received: 4
  • Karma: 0
Dear all,

Searching these keywords I came across this old discussion and wondered if this could have ties with the problem I am currently encountering with 2.05 on potential security problems linked to corss-site scripting.

Just linking the 2 discussions in case solutions have already been provided.

The other topic is accessible here:

www.limesurvey.org/fr/forum/installation...uild-131022?start=10
Last Edit: 8 months 3 weeks ago by mas_carpone.
The administrator has disabled public write access.
Moderators: ITEd
Time to create page: 0.137 seconds
Donation Image