Comments on: Wordpress’s Pyethon trap

By: Firas

Firas — Thu, 08 Feb 2007 00:51:05 +0000

It’s certifiably not a WordPress issue, and almost certainly mod_security.

By: The Yourdon Report » Blog Archive » “Dreaming in Code” endnotes

Wed, 07 Feb 2007 14:27:32 +0000

[...] I’m delighted to report that the end-notes are now available; you can find them here. And you can find Scott’s amusing blog posting here, about the difficulties he had accomplishing this task. All of which demonstrates, in yet another small way, that software is hard. [...]

By: Andrew Brown

Andrew Brown — Wed, 07 Feb 2007 08:25:52 +0000

Off the top of my head, you will have the same problem with “perl”, and possibly “bash”. That would be the diagnostic test for an executable filter. all of them might be preceded by “!#” to make a unix script which apache would not want uploaded.

But what an unlikely little problem!

(Did you get my piece about the book, btw?)

http://technology.guardian.co.uk/opinion/story/0,,1992552,00.html if not.

By: Paul Brown

Paul Brown — Wed, 07 Feb 2007 07:44:10 +0000

You can use entities to enter the character codes of some of the letters, e.g., “p” is &112;. (Google’s first choice for ascii table is a good one if you need codes for more letters…)

By: Scott Rosenberg

Scott Rosenberg — Wed, 07 Feb 2007 07:19:09 +0000

That makes a lot of sense, thanks, Paul. I figured it might be some sort of screen on executable content, but this does have the strange effect of banning the word “python” (let’s see if I can post it here…) from a lot of use. I wonder if there’s a way to escape it out, or something like that? (I know, I’m desperately hand-waving here!)

By: Paul Brown

Paul Brown — Wed, 07 Feb 2007 07:08:27 +0000

Depending on who your hosting company is and/or how you have Apache configured, you may be experiencing a filter installed in Apache where it won’t permit potentially executable content in a POST. (Check out mod_security.)