@Jay M As @Kyryl P suggested: In my case it is a known bug in Apache/ModSecurity (not Xojo). It is particularly problematic with large PDF documents.
I would like to point out that it’s not really a bug in mod_security. It’s doing exactly what it’s designed to do.
The issue arises from an attached file (does not have to be a pdf) having a particular sequence of characters, in this case:
Followed by any ascii character. This is the exact pattern that an http post request uses to break up attachments.
Having looked at a few offending PDF files on this case, it appears that the app that is creating these files is not properly encoding that data as simply opening the file in Acrobat Pro or PDFPenPro and saving a new file solves the issue.