facebook like args on URL - why forbidden?

Running Apache with a html file for the index - it works fine when I tap into the browser:

http://mywebsite.com

but if someone clicks through from my facebook activity feed, the link is similar:

http://mywebsite.com/?fb_action_ids=10151583105966609&fb_action_types=og.likes&fb_source=timeline_og&action_object_map=%7B"10151583105966609"%3A10150220203269128%7D&action_type_map=%7B"10151583105966609"%3A"og.likes"%7D&action_ref_map=%5B%5D

...but it doesn't work - chrome returns

Forbidden: You don't have permission to access / on this server.

My question is why does it come back forbidden? Surely it is merely the args that have changed?

I am not looking for a solution to clean up the URL, but rather to understand why supplying these URL args returns "forbidden".

Answers


Ok, I found the problem, and it is related to the 5G-blacklist-2013 I was using in my .htaccess which I didn't think was relevant initially - in retrospect, where else was I going to find the problem? Silly me.

The blocklist contains the line:

RewriteCond %{QUERY_STRING} (\"|%22).*(<|>|%3) [NC,OR]

...as part of its test for illegal query strings. The query string that facebook appends when clicking through from the activity feed falls foul of this line and a 403 is returned. To fix I can either remove that line or strip the query string earlier in the .htaccess.

5g-blacklist-2013: http://perishablepress.com/5g-blacklist-2013/


Need Your Help

Web Test Fails With SocketException

visual-studio visual-studio-2013 load-testing web-testing

I have recorded a simple web test in VS 2013 Ultimate and im attempting to run it on a remote agent.

Calling Java Method with variable length argument (varags) from jython

java python testing jython

I'm trying to test some Java code with Jython, but I'm stuck with a constructor that uses the ... varags syntax.

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.