Skip to Main Content

APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

How do I correct a 'Forbidden' error that keeps occurring?

APEX_DOUCEJul 15 2022 — edited Jul 15 2022

Hello,
I am using APEX 20.1 within a AWS GovCloud environment.
When making changes within the Page Designer side of APEX I am encountering an error that only shows 'Forbidden.' This error means that the changes I am trying to make don't get saved.
Since I have encountered this error with some regularity I have found that using parenthesis () within numerous areas of the Page Designer as well as making numerous changes before saving causes this error to appear.
I have encountered this 'Forbidden' error when trying to set a page's title to something like 'File(s) Upload.' If I remove the parenthesis the page is allowed to be saved.
image.pngimage.pngThe second place I have encountered this is when creating a javascript dynamic action that fires on page load (which already functions & exists for another app in the same workspace).
image.pngI can use parenthesis in the same manner in other apps within the same workspace without getting this error. Correction: I made a copy of the app causing me issues. This duplicate app allows me to add parenthesis to the title (1st picture above) but the error does occur when trying to create the page load javascript dynamic action (3rd picture above).
Has anyone encountered this error before?
Was a solution found?
Where might I try and hunt down what is causing this?
Is this a reportable bug? If you believe so, where are bugs reported?

Thank you,
Derek D

Comments

jariola

Have you check web server logs if there is any information about error?
Also connect as SYS to database and query views APEX_DEBUG_MESSAGES and APEX_WORKSPACE_ACTIVITY_LOG if there is some additional information.
I just assume, it's not APEX problem. Problem sounds like to be in your web server side, load balancer, Web Application Firewall....
Bugs relating APEX and other Oracle products should be reported to My Oracle Support.

APEX_DOUCE

Looking into the APEX_DEBUG_MESSAGES & the APEX_WORKSPACE_ACTIVITY_LOG both do not show the 'Forbidden' error.
When looking at the AWS Load Balancer Monitoring logs they log an 'HTTP4XX' error when the error is thrown in APEX. It looks to be something involving the web server side of things. Is this likely similar to a '404' error?
I have restarted both the AWS EC2 & the Oracle RDS instances and the error still persists.
My team & I are still newbies in the AWS environment & still learning how everything works together.

jariola

I'm not sure but it might web server responds with HTTP 403 (Forbidden) error.
Open browser developer tools and reproduce issue.
Inspect browser developer tools network tab and see if any request failing. Check what is payload and response for failed request if there is any.

APEX_DOUCE

Looks like you are correct. When inspecting the page it states that it is a 403 Forbidden.
When looking at the Payload, the request is: "p_request: APPLICATION_PROCESS=writePageData."
& the Response is "Access Denied." Stating further "You do not have permission to access...*our URL*/wwv_flow.ajax...on this server. "
With this information, do you know of further steps to resolve this error?

jariola

I think it's something on your web server/components side.
Do you use something like "Web Application Firewall", mod_security or similar that check request for e.g. SQL injections or other common attacks and now blocks request as false positive?

APEX_DOUCE

After lengthy conversations with customer support we have found that there no specific entries in the firewalls that are blocking our URLs.
Is mod_security an APEX feature?

APEX_DOUCE

After lengthy conversations with customer support we have found that there no specific entries in the firewalls that are blocking our URLs.
Is mod_security an APEX feature?

jariola

mod_security is web server module
https://en.wikipedia.org/wiki/ModSecurity

user-lg8wv

Is there any development on this issue, @APEX_DOUCE ?

TexasApexDeveloper

are asking about a thread from OVER A YEAR AGO? Really?

Thank you!

Tony MIller
White Rock, NM

user-lg8wv

Very useful replly, @TexasApexDeveloper… Very nice ;)

1 - 11

Post Details

Added on Jul 15 2022
11 comments
2,149 views