Allow parameters to fill form fields

Joe Fletcher

2/22/23, 5:11 PM

Nginx is sending a 403 Forbidden when I attempt to use a parameter in my URLs. I want URLs like this one to fill the URL field on any page on the site.

https://example.com/?url=https://example.com

I am not handy with nginx, so any detailed steps to change this would be great. I'm guessing I have an nginx directive somewhere that disallows parameters.

UPDATE

https://example.com/?url=example.com

Does not 403, so possibly this is related to the https:// in the parameter throwing the 403.

0 + 0

nginx

Jonathan.Rosa

2/23/23, 6:50 PM

There is no nginx directive that disables/enables parameters. Does it 403 for all parameters like `foo=bar` or just URLs? You likely have a file permission issue with the resource you're accessing; check if nginx's user/group is allowed to access the resource.

Joe Fletcher

3/2/23, 3:08 PM

foo=bar works, i.e, does not 403. Also, ?url=example.com without https does not 403, although it does not fill the form field. So it maybe something related to the https:// , maybe encoding?

Jonathan.Rosa

3/2/23, 3:50 PM

I checked a local nginx installation, other nginx websites, and chckr.co: it seems like just chckr.co is blocking the strings `https://` and `http://` but not `foo://`. I noticed it's running on CF (which is a nginx proxy), and no other CF site does this. If this is a shared hosting environment then it must be their own addition to block off proxies. Whatever it is you can get around this by URL encoding your values, `?url=https%3A%2F%2Fexample.com`.

Joe Fletcher

3/2/23, 4:11 PM

I literally just found the cause - my 7G WAF is blocking those URLs as bad requests. I also saw your testing of the https:// etc as bad requests. I'm glad you posted the comment here so I know that was not a bot. So thanks - I will either encode the URLs or find a way to allow https through the WAF.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Allow parameters to fill form fields

TH: อนุญาตให้พารามิเตอร์กรอกแบบฟอร์ม

RO: Permite parametrilor să completeze câmpurile de formular

RU: Разрешить параметрам заполнять поля формы

VI: Cho phép tham số điền vào các trường biểu mẫu

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.