403 error only when inserting specific code block in editor #4304

New Issue

OVERLORD · 2026-02-05T08:29:28+03:00

OVERLORD commented

2026-02-05 08:29:28 +03:00

Originally created by @slimninja on GitHub (Nov 7, 2023).

Describe the Bug

I've found an odd bug that occurs specifically with one piece of code within my instance. Narrowing this down took quite a bit. The page I'm using is a reference page where I have approx 15 different SQL queries for reference.

When inserting the following text as a code block in any page, "sp__dbutilisation tempdb;" the save button leads immediately to a 403 error page. My bookstack instance immediately slows down for the next few minutes.

When I remove this code block, the page saves fine. I'm assuming that that the db command is getting executed on save? I updated to the latest instance and see the same issue. DB is MySQL

Steps to Reproduce

Create new page named "Queries" or anything else
Create a code block with the following code (code block, not in-line code)
sp__dbutilisation tempdb;
Try saving page
Immediately see 403 error

Expected Behaviour

Page saving without 403 error

Screenshots or Additional Context

No response

Browser Details

Chrome

Exact BookStack Version

2023.10.1

Originally created by @slimninja on GitHub (Nov 7, 2023). ### Describe the Bug I've found an odd bug that occurs specifically with one piece of code within my instance. Narrowing this down took quite a bit. The page I'm using is a reference page where I have approx 15 different SQL queries for reference. When inserting the following text as a code block in any page, "sp__dbutilisation tempdb;" the save button leads immediately to a 403 error page. My bookstack instance immediately slows down for the next few minutes. When I remove this code block, the page saves fine. I'm assuming that that the db command is getting executed on save? I updated to the latest instance and see the same issue. DB is MySQL ### Steps to Reproduce 1. Create new page named "Queries" or anything else 2. Create a code block with the following code (code block, not in-line code) sp__dbutilisation tempdb; 3. Try saving page 4. Immediately see 403 error ### Expected Behaviour Page saving without 403 error ### Screenshots or Additional Context _No response_ ### Browser Details Chrome ### Exact BookStack Version 2023.10.1

OVERLORD added the 🐛 Bug label 2026-02-05 08:29:28 +03:00

OVERLORD closed this issue

2026-02-05 08:29:29 +03:00

OVERLORD commented

2026-02-05 08:29:33 +03:00

@slimninja commented on GitHub (Nov 7, 2023):

Searched a bit more. Met me try #555 and #1792 and will update here if the issue persists.
Can not recreate the issue on the demo site.

@slimninja commented on GitHub (Nov 7, 2023): Searched a bit more. Met me try #555 and #1792 and will update here if the issue persists. Can not recreate the issue on the demo site.

OVERLORD commented

2026-02-05 08:29:38 +03:00

@slimninja commented on GitHub (Nov 7, 2023):

Solved by disabling apache mod_security m

@slimninja commented on GitHub (Nov 7, 2023): Solved by disabling apache mod_security m

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#4304