Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2021-07-08 05:56:46

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,513
Website

Saving a TXP form returns a HTTP/2 418 error

Seriously? “I’m a teapot”? Like this ?

Editing and saving one (simple) form of the type Misc. Tested with both Firefox and Safari. Dreamhost + PHP 8 + TXP 4.8.7

Server response:

Sorry, the form could not be submitted. Please try again later.

Console reports (Firefox):

XHR POST https://l-c-n.com/textpattern/index.php  [HTTP/2 418 I'm a teapot 2187ms]

Referrer Policy: strict-origin-when-cross-origin

Contents of the offending form:

Message received via the La Chatte Noire website
------------------------------------------------

Name: <txp:com_connect_value name="name" /> (<txp:com_connect_value name="email" />)

Message:
<txp:com_connect_value name="message" />

<txp:com_connect_if name="company">Company (会社名): <txp:com_connect_value name="company" /></txp:com_connect_if>
<txp:com_connect_if name="postcode">Postcode: <txp:com_connect_value name="postcode" /></txp:com_connect_if>
<txp:com_connect_if name="address1">Address:
<txp:com_connect_value name="address1" /></txp:com_connect_if>
<txp:com_connect_if name="address2"><txp:com_connect_value name="address2" /></txp:com_connect_if>
<txp:com_connect_if name="tel">Phone: <txp:com_connect_value name="tel" /></txp:com_connect_if>
<txp:com_connect_if name="fax">Fax: <txp:com_connect_value name="fax" /></txp:com_connect_if>
<txp:com_connect_if name="url">Website: <txp:com_connect_value name="url" /></txp:com_connect_if>
--------------
IP address: <txp:com_connect_value name="REMOTE_ADDR" />
Browser: <txp:com_connect_value name="HTTP_USER_AGENT" />

Where is that emoji for a solar powered submarine when you need it ?

Offline

#2 2021-07-08 05:58:53

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,513
Website

Re: Saving a TXP form returns a HTTP/2 418 error

PS – Saving other forms works well.

I very rarely work directly in browser on live servers, I prefer the trusted code editor and then Theme > Update from Disk


Where is that emoji for a solar powered submarine when you need it ?

Offline

#3 2021-07-08 07:02:14

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 10,565
Website GitHub

Re: Saving a TXP form returns a HTTP/2 418 error

418 confirms that your hoster at least has a sense of humour.

In practice, I expect it just means that something in the form content tipped its anti-spam measures and instead of delivering a 403, they chose 418. I’d get in touch with them, send the offending form contents / HTTP request data and ask if there’s anything they can do to tweak the rules if it’s that causing a problem.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#4 2021-07-08 07:27:51

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,513
Website

Re: Saving a TXP form returns a HTTP/2 418 error

Yeah, I know what 418 is and that makes it flatly and deeply offensive — a stupidly bad graybeard-level attempt at “joking”. If the server responded with the correct error code, one would immediately know what is happening.

And yeah, I suppose I’ll have to plan to, again, contacting the support people.


Where is that emoji for a solar powered submarine when you need it ?

Offline

#5 2021-07-08 08:20:29

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 10,565
Website GitHub

Re: Saving a TXP form returns a HTTP/2 418 error

Developers are hilarious. Never a dull moment.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#6 2021-07-08 13:11:48

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,691
GitHub

Re: Saving a TXP form returns a HTTP/2 418 error

Error 418 on Dreamhost is most likely mod_security getting aggravated. As opposed to phiw13 getting aggravated. Last time I checked, and I don’t have enough brain capacity to venture too far down the rabbit hole given a rough night of sleep and a rougher morning of work, I think Dreamhost use OWASP rules as their reference: owasp.org/www-project-modsecurity-core-rule-set/

Offline

#7 2021-07-08 18:05:11

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 8,774
Website GitHub Twitter

Re: Saving a TXP form returns a HTTP/2 418 error

After what Pete said, I’m wondering if you temporarily add


<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>

would fix the problem and allow you to save the form.


Yiannis
——————————
neme.org | hblack.net | State Machines | NeMe @ github
I do my best editing after I click on the submit button.

Offline

#8 2021-07-09 01:05:58

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,513
Website

Re: Saving a TXP form returns a HTTP/2 418 error

gaekwad wrote #330939:

Error 418 on Dreamhost is most likely mod_security getting aggravated.

Yes, yes I understand this is mod_security at work and a (possibly) overzealous filter is triggered.

(BTW if you happen to be interested in the whole request/response chain for that particular event, let me know by PM, I have the whole thing saved).

colak wrote #330941:

(disabling mod_security temporarily)

I have not tried that, it might work, though – and I need to remember that .htaccess trick for the future. Thanks for the suggestion.

–≠–

Looking through the offending code, this is what trips the server filters:

Browser: <txp:com_connect_value name="HTTP_USER_AGENT" />

Removing that one line allows the normal saving process to go through. The snippet is included to have some more data to work with to filter out spammers (the offending form is the body of the email message for a contact form). But given that UA strings are more and more ‘neutered’, it is of not much use. I was thinking of dropping it anyway.

–≠–

Still offended by the use of error 418 - I am a teapot server response. If the server sends back one of the operation not permitted error codes, that would be so much nicer. Now it is just a poor taste joke (that, or the 418 status need to be standardised with a reasonable name).


Where is that emoji for a solar powered submarine when you need it ?

Offline

#9 2021-07-09 07:28:10

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 8,774
Website GitHub Twitter

Re: Saving a TXP form returns a HTTP/2 418 error

phiw13 wrote #330942:

Still offended by the use of error 418 - I am a teapot server response. If the server sends back one of the operation not permitted error codes, that would be so much nicer. Now it is just a poor taste joke (that, or the 418 status need to be standardised with a reasonable name).

It can indeed be interpreted as a derogatory, non politically correct term. The intentions though appear to be fine. I do agree with you, that they did not put much thought into it, and they obviously did not pass it through a proper ethical editing process.


Yiannis
——————————
neme.org | hblack.net | State Machines | NeMe @ github
I do my best editing after I click on the submit button.

Offline

#10 2021-07-09 08:40:10

gaekwad
Server grease monkey
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 3,691
GitHub

Re: Saving a TXP form returns a HTTP/2 418 error

phiw13 wrote #330942:

If the server sends back one of the operation not permitted error codes, that would be so much nicer.

I have to agree. Not exactly helpful for troubleshooting, especially when available time and/or patience may be at a premium.

Offline

#11 2021-07-09 08:53:48

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 2,513
Website

Re: Saving a TXP form returns a HTTP/2 418 error

- Yiannis (Colak) dito that. That status code might be something of fun in a controlled environment on April 1 or so. Beyond that, not much more than nothing.

- Pete (Gaekwad)

when available time and/or patience may be at a premium

Especially the latter!


Where is that emoji for a solar powered submarine when you need it ?

Offline

Board footer

Powered by FluxBB