I have two curl commands below. You’ll notice I’m passing in a Cookie of “usprivacy=1---”. This is a cookie that seems to be added by some web browsers automatically. The issue I’m seeing — if this cookie is present, some of my assets return HTTP error codes. As soon as the cookie is removed, it returns HTTP CODE 200. It doesn’t happen with any other cookies. I suspect there’s some Apache configuration variable, but I’m baffled.
This one results in the Apache webserver returning 404 not found:
curl 'https://salvagedinspirations.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:71.0) Gecko/20100101 Firefox/71.0' -H 'Accept: text/css,*/*;q=0.1' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Connection: keep-alive' -H 'Referer: https://salvagedinspirations.com/' -H 'Cookie: usprivacy=1---;' -H 'Cache-Control: max-age=0' -D -
This one results in a “403 Forbidden” header, although HTML is still returned:
curl 'https://salvagedinspirations.com/' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:71.0) Gecko/20100101 Firefox/71.0' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Connection: keep-alive' -H 'Cookie: usprivacy=1---;' -H 'Upgrade-Insecure-Requests: 1' -H 'Cache-Control: max-age=0' -D -
Thank you
2 Answers
The issue was with an Apache module that was loaded in. I forgot which one. Sorry.
The trailing “;” is technically invalid. Does it make a difference? You could be triggering some bad parsing or malicious request detection in a framework, mod_security, etc.
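An added example, not part of either answer above: a script for replaying the question's request against your own server with one change per Cookie variant, so the status codes show whether the trailing “;”, the dashes, or the cookie name is what the server rejects. The function names, the `otherprobe` cookie name and the script name `cookie_probe.sh` are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the thread): replay one request against your own
# server with controlled Cookie variants to see which part triggers the error.

# Print the variants, one per line. The first is the header from the question;
# each later line changes one thing. "otherprobe" is a constructed cookie name.
cookie_variants() {  # $1 = cookie name, $2 = cookie value
  printf '%s\n' \
    "$1=$2;" \
    "$1=$2" \
    "$1=${2%%-*};" \
    "$1=${2%%-*}" \
    "otherprobe=$2;" \
    ""
}

# Succeed if $1 has the RFC 6265 section 4.2.1 cookie-string shape: name=value
# pairs joined by "; " with no trailing separator. Simplified character classes.
is_rfc6265_cookie_string() {
  pair='[^=;[:space:]]+=[^;[:space:]]*'
  printf '%s\n' "$1" | grep -Eq "^${pair}(; ${pair})*\$"
}

# Print only the HTTP status code for a GET of $1 with Cookie header $2
# (no Cookie header at all when $2 is empty).
probe_status() {
  if [ -n "$2" ]; then
    curl -s -o /dev/null -w '%{http_code}' --max-time 15 -H "Cookie: $2" "$1"
  else
    curl -s -o /dev/null -w '%{http_code}' --max-time 15 "$1"
  fi
}

# Runs only when a URL is passed: sh cookie_probe.sh https://your-site.example/
if [ -n "${1:-}" ]; then
  cookie_variants usprivacy '1---' | while IFS= read -r c; do
    if [ -z "$c" ]; then shape=n/a
    elif is_rfc6265_cookie_string "$c"; then shape=valid
    else shape=invalid; fi
    printf '%-20s %-8s %s\n' "${c:-(no cookie)}" "$shape" "$(probe_status "$1" "$c")"
  done
fi
```

If the error code follows the dashes rather than the semicolon, the rejection is coming from content inspection rather than cookie parsing, and the log of the module doing the blocking (for mod_security, its audit log) will name the rule that matched.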