tag-manager icon indicating copy to clipboard operation
tag-manager copied to clipboard

Published 20 hours ago verified publisher icon matomo-org

Add a system check that detects WAFs

Open Findus23 opened this issue 4 years ago • 1 comments

Multiple people have reported issues with tag manager caused by web application firewalls. Many are blocking form submission when the POST data contains HTML.

I'd propose adding a system check that trie sending POST data with HTML in it and checks for a 403.

See also https://stackoverflow.com/questions/57843666/saving-custom-scripts-in-matomo-tag-manager-results-in-403/57844903#57844903 https://forum.matomo.org/t/benutzerdefiniertes-html-im-tag-manager/33535 https://forum.matomo.org/t/custom-html-not-saving/32927/5

Findus23 avatar Sep 08 '19 19:09 Findus23

See also https://github.com/matomo-org/matomo/issues/3371 for a more general mod_security detection (which might be harder to do reliably than this specific rule).

Findus23 avatar Sep 09 '19 14:09 Findus23

Closing this as we are not fixing this in core

AltamashShaikh avatar Apr 30 '24 04:04 AltamashShaikh