29Haz
Why Owasp-crs does not allow Content-Type: application/x-www-form-urlencoded
I try to craft a http post using this curl :
curl -v -X POST "http://example.com/submit.php" -H "Content-Type: application/x-www-form-urlencoded;" --data "email=test@example.com"
Unluckyly, it is got block by the Modsecurity CRS rules 920470. As far as I know the default POST for HTML is 'application/x-www-form-urlencoded' as explained in this post : https://stackoverflow.com/a/2436725/4004975
CRS version 4.3.0
Any guidance is appreciated.
