0

The following function should serialize form data and send it to be processed on the server. 

function postIt() {
   var postData = $("#myForm").serialize();
   $.ajax({
       type: 'POST',
       data: postData,
       url: 'php/makeTopics.php',
       success: function(data) {
            /* do stuff*/
       }
   })
}

However, I have just started receiving 403 Forbidden errors from the server. Upon investigation, I have found that the .serialize() function replaces whitespace with "+" and that if I resend the data without the "+"s I no longer get the error.

What am I doing wrong? Is this a client or a server issue?

More info:

-Using LITESPEED server,

-I have reduced my php code to <?php echo("Hello World!"); ?> and the problem persists as described, so I think it must be something else in the webserver. Also, this is new behaviour - I have made no code changes at either end to trigger it.

-WORKING DATA EXAMPLE: tn=factorystore&tkw1=manufacturers&tkw2=brickandmortar

-NOT WORKING DATA EXAMPLE: tn=factory+store&tkw1=manufacturers&tkw2=brick+and+mortar

(Note: the above data examples are the 'source' Form Data taken from the Chrome console)

grateful
  • 1,128
  • 13
  • 25
  • Possible duplicate of [jQuery serialize converts all spaces to plus](https://stackoverflow.com/questions/11025594/jquery-serialize-converts-all-spaces-to-plus) – mooga Jun 15 '18 at 09:48
  • what format is the server expecting? What is generating the 403s - your PHP code, or something else in the webserver? Can you give us an example of the problem data? It's hard to be sure exactly what is happening just from seeing the JavaScript – ADyson Jun 15 '18 at 09:49
  • and if you submit data with no spaces (and thus nothing is converted to +), it works ok, or not? – ADyson Jun 15 '18 at 09:57
  • can you show us an example of working and not-working data please? – ADyson Jun 15 '18 at 09:58
  • and sorry, are you running Apache as the webserver? Also please add your extra info to the question by editing it, rather than in the comments - thanks. – ADyson Jun 15 '18 at 10:10
  • Can you try Replacing var postData = $("#myForm").serialize(); with folloiwing var postData = $("#myForm").serialize().replace(/\+/g,'%20'); – Viral Jun 15 '18 at 10:24
  • 1
    @Viral: thanks for the suggestion, but what if I have similar code on other sites hosted on the same server? - if it is a server issue, I would rather fix it at the source, or have jQuery users aware that with some server configurations, the serialize() function will cause unexpected errors. – grateful Jun 15 '18 at 10:28
  • @grateful Yes you are right. Generally this issue does not happen with serialize() – Viral Jun 15 '18 at 10:31
  • @ADyson - question updated with responses – grateful Jun 15 '18 at 10:50

1 Answers1

0

when you say,

reduced my php code to and the problem persists

do you mean, https://yourdomain.com/hello.php return 403?

Generally, You can ask your host to check the server error log to find out why 403 error. 403 could be caused by many reasons. Such as mod_security, or some restriction on some URLs, folders, etc.

Jackson
  • 36
  • 2
  • I don't mean "https://yourdomain.com/hello.php" returns 403, but rather that "https://yourdomain.com/hello.php?data=one+two+three" returns 403, while "https://yourdomain.com/hello.php?data=onetwothree" doesn't. However I contacted my host and got the response "I've whitelisted ModSecurity rule which caused this issue for your account.". – grateful Jun 15 '18 at 14:07