Description of problem:

The /etc/httpd/conf.d/mod_security.conf config file contains the following filter chain:

    SecFilterSelective REQUEST_METHOD "!^GET$" chain
    SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"

After some tests, it seems that the $ trailing character in '''^application/x-www-form-urlencoded$''' results in false positive matches in the case that the "Content-Type" HTTP header is for example:

    Content-Type: application/x-www-form-urlencoded; charset=UTF-8

So, I believe that the filter should include:

    ^application/x-www-form-urlencoded

instead of:

    ^application/x-www-form-urlencoded$

Version-Release number of selected component (if applicable): 1.9.4-1.fc5

How reproducible:

Steps to Reproduce:
1.
2.
3.

Actual results:

Expected results:

Additional info:

Fixed in FC6/devel, will backport time permitting (and that our users haven't already changed it / put in custom rules etc. that do the same/better job)
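
Added example, not part of the original report or of the package: a Python model of the two-rule chain, run over constructed requests to compare the shipped and the proposed pattern. Python's re module stands in for the module's regex engine, and the "stricter" pattern is an assumption added here to show that dropping the $ turns the check into a prefix match.

```python
import re

# Allow-list regexes from the second rule of the chain; the leading "!" is
# applied in rule_fires(). Python's re stands in for the module's regex engine.
PATTERNS = {
    "shipped": r"(^$|^application/x-www-form-urlencoded$|^multipart/form-data)",
    "proposed": r"(^$|^application/x-www-form-urlencoded|^multipart/form-data)",
    # Assumption, not from the report: after the media type accept only the
    # end of the value or a ";" parameter separator.
    "stricter": r"(^$|^application/x-www-form-urlencoded(;|$)|^multipart/form-data)",
}

# Constructed sample requests: (method, Content-Type header value).
SAMPLES = [
    ("GET", ""),
    ("POST", "application/x-www-form-urlencoded"),
    ("POST", "application/x-www-form-urlencoded; charset=UTF-8"),
    ("POST", "multipart/form-data; boundary=x"),
    ("POST", "text/xml"),
    ("POST", "application/x-www-form-urlencoded-x"),
]


def rule_fires(method, content_type, allow_pattern):
    """Return True when the chained filter would match the request."""
    # Rule 1: REQUEST_METHOD "!^GET$" matches every method except GET.
    if re.search(r"^GET$", method):
        return False
    # Rule 2: negated match, so it fires when the Content-Type is NOT on the
    # allow-list. An absent header is treated as the empty string.
    return re.search(allow_pattern, content_type or "") is None


def evaluate():
    """Map each pattern name to one fire/pass verdict per sample request."""
    return {
        name: [rule_fires(method, ctype, pattern) for method, ctype in SAMPLES]
        for name, pattern in PATTERNS.items()
    }


if __name__ == "__main__":
    results = evaluate()
    for i, (method, ctype) in enumerate(SAMPLES):
        row = "  ".join(
            f"{name}={'FIRE' if results[name][i] else 'pass'}" for name in PATTERNS
        )
        print(f"{method:4} {ctype!r:52} {row}")
```

The third sample is the header from the report: it fires only under the shipped pattern. The last sample shows what the prefix match additionally lets through compared with the stricter variant.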