View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0026275||mantisbt||authorization||public||2019-10-16 08:52||2019-11-19 04:51|
Many times a day we have this error.
|Tags||No tags attached.|
capture.jpg (1,066,506 bytes)
The provided information is not sufficient to provide any help in resolving the issue. A complete and detailed description is required for the support team to get a clear understanding of the problem, starting with the URL being accessed that is throwing the 403 error. Your screenshot does not help at all.
Note that Mantis 2.1.0 is nearly 3 years old. I strongly recommend that you upgrade to the latest release. At least you need to confirm that the problem can be reproduced in 2.22.1.
Please explain what you do, what are the results you expect to get and what you actually get.
Also provide detailed, step-by-step instructions to reproduce the issue; the additional information listed below may also be useful:
Sorry for missing informations :
Infos Server OS:
Version de MantisBT 2.1.0
Greffon Description Dépendances Priorité Protégé Actions
Email Reporting 0.10.0 Offers the functionality to add issues and notes by email.
Formatage de MantisBT 2.1.0 Plugin officiel de traitement et de formatage du texte.
Graphiques Mantis 2.1.0 Plugin de graphiques officiel.
MantisBT Core 2.1.0 Core Plugin API for the Mantis Bug Tracker.
Greffon Description Dépendances Actions
Infos php :
Browsers version :
In google chrome there this message in console "Active resource loading counts reached a per-frame limit while the tab was in background. Network requests will be delayed until a previous loading finishes, or the tab is brought to the foreground. See https://www.chromestatus.com/feature/5527160148197376 for more details"
I find two config files
@traynaud I deleted your custom config file, as it contained a lot of sensitive information (passwords, crypto salt, etc). I strongly suggest you immediately change these passwords since they have potentially been compromised. Feel free to upload the file again, after removing anything that should not be available on a public web site.
You have not responded on that
Please check also, if problem persists without any 3rd party plugins (i.e. uninstall Email Reporting , MantisStats, MantisBT Markdown)
Please note that we require PHP 5.5 or later (although this is unlikely to be causing the problem you're facing)
You may also want to check if there is anything in the webserver / PHP logs.
We can't upgrade because we are using squash test and the compatibility is compromise for us after this version of mantis
I'm asking for PHP updating
It's your decision. Just consider 47 security issues fixed since 2.1.0...
Also you need to demonstrate that the problem is reproducible in the latest release, because we don't support 2.1.0 anymore.
Can you change the visibility of the ticket to private ?
I could, but don't see the point - I already removed the file.
Thank's you a lot for this fast removing
Well I'm sorry but this is a public support channel for open-source software, and our policy is to leave everything visible for the benefits of the community. I'm willing to selectively edit out or remove other sensitive data as necessary if you tell me what it is, but not to hide the whole issue.
Thank's you mtulodzi for your example
It seems we have an issue with Dynatrace. In fact, Dynatrave creates a dtSa cookie. When it's populated, we have the 403 error, each time. The domains used by Dynatrace an Mantis are the same.
We are actually testing this issue by configuring Dynatrace not to create this cookie (See attached image to do this). I'll keep you informed.
Additional information to access this parameter :
|2019-10-16 08:52||traynaud||New Issue|
|2019-10-16 08:52||traynaud||File Added: capture.jpg|
|2019-10-16 12:28||dregad||Status||new => feedback|
|2019-10-16 12:28||dregad||Note Added: 0062985|
|2019-10-17 08:52||traynaud||Note Added: 0062989|
|2019-10-17 08:52||traynaud||File Added: Mantis Forbidden.png|
|2019-10-17 08:52||traynaud||Status||feedback => new|
|2019-10-17 09:10||traynaud||Note Added: 0062991|
|2019-10-17 09:10||traynaud||File Added: config_inc.php|
|2019-10-17 09:10||traynaud||File Added: custom_config_inc.php|
|2019-10-17 09:25||dregad||File Deleted: custom_config_inc.php|
|2019-10-17 09:32||dregad||Note Added: 0062992|
|2019-10-17 09:32||dregad||Note Added: 0062993|
|2019-10-17 09:34||dregad||Note Edited: 0062993||View Revisions|
|2019-10-17 09:35||dregad||Status||new => feedback|
|2019-10-17 09:35||dregad||Note View State: 0062992: public|
|2019-10-17 10:38||traynaud||Note Added: 0062995|
|2019-10-17 10:38||traynaud||Status||feedback => new|
|2019-10-17 10:41||traynaud||Note Added: 0062996|
|2019-10-17 10:57||dregad||Note Added: 0062997|
|2019-10-17 10:58||dregad||Note Edited: 0062997||View Revisions|
|2019-10-17 11:24||traynaud||Note Added: 0063000|
|2019-10-17 11:32||dregad||Note Added: 0063002|
|2019-10-17 11:41||traynaud||Note Added: 0063003|
|2019-10-17 11:55||dregad||Note Added: 0063004|
|2019-10-18 01:41||mtulodzi||Note Added: 0063006|
|2019-10-18 03:27||traynaud||Note Added: 0063007|
|2019-11-19 04:25||arouillere||Note Added: 0063111|
|2019-11-19 04:25||arouillere||File Added: disable-dtsacookie.png|
|2019-11-19 04:48||arouillere||Note Edited: 0063111||View Revisions|
|2019-11-19 04:51||arouillere||Note Edited: 0063111||View Revisions|