Bad Request
 

Bad Request

Your browser sent a request that this server could not understand.
________________________________________
GRAAL Server at forums.graalonline.com Port 80

I get this message since a couple of days when I try to open the forums or the mod cp with firefox.
With IE it works fine.
Any suggestions what's the cause?

Stop using firefox i guess.. ;o

Clear your Graal forums cookies.

The bad requests have been a huge problem for us for a long time but no one has ever bothered to do anything about it.

Thanks it works. I used firefox since years and never had this problem before.

It's not a firefox problem, it's a forums problem. You probably collapsed one of the sections or something, which causes a bad request.

Yes it's possible. At last I'm glad not to use IE anymore just to go on the forums. ^^

The problem is apparently some sort of security patch/plug-in or something that Unix added. It also disallows the posting of percent signs, much to the dismay of scripters. You should get Stefan to fix it.

You can bypass the bad request errors with percent signs if you replace them with "& #37;" as one word before posting the thread, although this wouldn't help when posting within php tags because it wouldn't change to a percent sign.

Why would anyone have to stop using firefox? It works much better than IE in my opinion any not everybody can use IE because it's only supported on Windows operating systems.

But therein lies the deeper problem. You can only bypass it once. Any attempt to edit the post ends up with a bad request, so your post is basically locked in whatever state you post it in.

Again, we shouldn't have to take this sort of problem into our own hands like we apparently do with everything else around here. They need to fix it.

I completely agree, especially when percent signs are often used or need to be used in threads and posts.

To be honest: I am not sure he knows how to fix it. ;)

Well it's not a problem with vBulletin, because I have browsed quite a few other vBulletin boards and never encountered it. It's probably one of the plug-ins or something. He should browse through them and find the problem :) Or someone should wake Unixmad out of his dormancy to fix it, because apparently he knows what the problem is.

LOL when I saw this thread I only read this and I thought that was your entire post, and I sat here quizzically reading the responses and wondering how everyone knew what tf you were talking about lmao

This has never happened to me, but I'm glad I now know what to do if it does!

Well you can cause two types of bad requests, if you don't want to be left out of the dark.

1) Collapse one of the forum sections on the main forum page. Refresh, bam, bad request. You can't access the forums anymore, and you'll need to clear your cookies.

2) Include a percent sign in your post. This seems to be hit or miss. By hit or miss I mean, it hits when you least expect it(posting a script or just using the percent sign casually) and you need it in your post, and misses when you try to actually get it to happen.

i just make sure to never collapse any of the sections

I've never heard of the problem with collapsing sections, might need to fix that sometime.
The problem with the percentage sign (and a few other codes) is a security measurement to avoid code injection and the forum being hacked.

That was the nasty crime I did and I swear I never will do that again, so help me Unixmad!

I guess Graal is the only board out of thousands of more populated ones that is worried about vBulletin (a forum software which has been used by tens of thousands of people, and tested over and over since version 1) having some sort of glitch leading to code injection?

The only thing I am having a problem with is the "Whos online" quick link, or "Currently Active Users" link from the main page. Just says it's waiting for the forums, but never goes to the page. No errors, it just never goes to the page. I used to, but not for the past few days.

The only plugins i see are the Project Tools and the Blogs, both developed by vBulletin, so that rules that out, i think. I bet upgrading to 3.8.4 might fix a few things. ;)

Do you know this from experience or from my thread? I made a thread detailing this problem years ago - unsurprisingly, with no technical developers on the forums, it has gone unfixed. :(

Also, not having the apache mod_security is common for causing that error on vb.

I've heard about it and tested it myself and helped people with it before.

I second this. I use percent signs in about 90% of my posts, so it gets kind of annoying.

Oooooooh the irony!

oh ****, bad request!

Why can you use the % sign? D=

Percent signs can be used to hack the forums!

You bastards, stop using them! I can't even quote you!

There's a simple grease monkey script to allow the use of % signs. Even if they were used to inject code - converting them to text-friendly versions would prevent that.


100% Stupid excuse.

vBulletin is reporting quite often problems of code injection. You can do weekly patches to fix those problems, try to disable features or use code injection protection. We decided to make patches regulary (each few months) and also use code injection protection to stay secure.