On Mon Sep 16 14:19:54 2013, Robert Middleton wrote: > [Mon Sep 16 16:08:17 2013] [error] [client <ipaddr>] ModSecurity: Access > denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. > [file "/opt/mod_security/10_asl_rules.conf"] [line "64"] [id "390616"] [rev > "2"] [msg "POST request must have a Content-Length header"] [severity > "WARNING"] [hostname <hostname>] [uri "/svn/!svn/me"] [unique_id <id>]
This looks like your mod_security configuration doesn't know about chunked encoding for requests. 1.8.x now prefers to use chunked encoding in requests. I'm not sure what you need to change to configure mod_security to allow chunked requests but that's what you'll probably want to do. 1.8.1 also added an option to change this behavior on the client side if changing the above isn't an option. Setting the http-chunked-requests setting to no should disable chunked requests and restore the behavior that pre-1.8.x clients had with their requests. However, I would recommend that you fix the server since there are advantages to using chunked requests (e.g. we don't have to buffer requests to calculate the size before starting to send the request). This section in our Release Notes should be helpful to you: http://subversion.apache.org/docs/release-notes/1.8.html#411-length-required
