Your upload sets:
'Content-Type', 'multipart/form-data'
but no boundary. This is working with application servers, but mod_security doesn't allow "wrong usage" and denies uploads.
There are some RFCs like RFC7231, RFC2406.
From my point of view, boundary is required to be standard conform. Also if you use mod_security, you won't have any problems with your admins :)
Adding a boundary in your code shouldn't be a big problem?
Your upload sets:
'Content-Type', 'multipart/form-data'but no boundary. This is working with application servers, but mod_security doesn't allow "wrong usage" and denies uploads.
There are some RFCs like RFC7231, RFC2406.
From my point of view, boundary is required to be standard conform. Also if you use mod_security, you won't have any problems with your admins :)
Adding a boundary in your code shouldn't be a big problem?