"Select " in sqlExport string 403 forbidden


#1

I swapped web hosts a few weeks back. I struggled to get one of my apps to write to the server. Turns out a string in an sql field had “Select matches”. So long as "Select… was in the export string it kept throwing 403 error. “Select” was ok but "Select x where x=any character after, it was forbidden. EncodeURI or EncodeURIComponent(Export string…didn’t fix it.

In short my questions are…
Is this expected?
Is there any other traps I should know?
Is it server dependant?

Cheers
Graham


#2

Just found %0 does the same. EncodeURI put that in.


#3

Is the Select running on the device’s SQLite database, or on the server’s database?

When you reference SQLExport, do you meant the AppStudio command of the same name?
http://wiki.nsbasic.com/SqlExport


#4

When I send a string with an ajax call to my server for writing to a text file it returns 403 if the string contains "Select x or %0.


#5

Is your last reply properly formatted?

There’s an unmatched quote at least. You may need to make the reply clearer as well.


#6

Sorry it’s hard to write as it is when there is only 1 speech mark.
If the string I’m sending by ajax to my server to write as a text file contains either…

"Select. (A speech mark followed by the word Select then a space and any character after that)

…or…

%0 (This was inserted in the string by EncodeURI)

…then my server responds error 403 forbidden.

Hope that’s clearer.


#7

No clearer at all.

Try putting triple left ticks (```), your lines of code, then triple left ticks again. You should be able to put almost anything there.

My hunch is that this isn’t an AppStudio issue.


#8

No definitely not an Appstudio issue. I was just interested in what else
the server maybe rejecting.