Passing / and -- in url it's showing 403 Forbidden Error

Question

When we request to google or any 3rd party API, in this return url we getting this type of code.

?code=4/rAERtRkfXf--

The server doesn't accept this type code and it's showing 403 forbidden Error.

When I am talking with server support they told me about the security issue and it's mod_security issue.

Can anybody help me to solve this type of issue?

You need to speak to your hosting provider who can advise what ModSecurity rule that is catching this and how to add an exception to that rule for the `code` argument. — Barry Pollard, Sep 18 '19 at 18:02

score 0 · Answer 1 · answered Sep 20 '19 at 07:49

0

Try doing str_replace('/','%2F',$your_url) before submitting it to the server

answered Sep 20 '19 at 07:49

Antony

1 Answers1