Comments (11)
neoacevedo
commented on August 22, 2024
1
I'm sorry, I have been so busy.
No, isn't any Apache limitation. I have set these values and I get the same issue.
UPDATE: Finally it worked, the htaccess directive and updating the admin version.
from luya.
nadar
commented on August 22, 2024
Do you have configured the user component? Could you provide me your composer.json? Is it a fresh installation? What webserver are you using?
from luya.
neoacevedo
commented on August 22, 2024
It's a fresh install. I have Apache+PHP-FPM with FastCGI
from luya.
nadar
commented on August 22, 2024
so you have the same problem means "unauthorized" response? Could you post me the request header? Is there an Auth header? Save means, POST request, can you identify other post requests which does not work? I need i little bit more infos to isolate that problem. Does it log you out, after login, ur when switch to a crud (like users) and create a new one? What if you edit?
from luya.
neoacevedo
commented on August 22, 2024
I get the same console output in the browser. I can't track it because immediately, just after click Save, the page is redirected to logout.
I'm checking it's related to the blocks for the pages. For instance, I can create a new page and to add a block, for instance, a heading block and the page is saved, but when I try to add a content inside the block and click the save button, I got redirected to logout.
Possibly unhandled rejection: {"data":"\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"\n \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n<head>\n<title>¡Acceso prohibido!</title>\n<link rev=\"made\" href=\"mailto:[email protected]\" />\n<style type=\"text/css\"><!--/*--><![CDATA[/*><!--*/ \n body { color: #000000; background-color: #FFFFFF; }\n a:link { color: #0000CC; }\n p, address {margin-left: 3em;}\n span {font-size: smaller;}\n/*]]>*/--></style>\n</head>\n\n<body>\n<h1>¡Acceso prohibido!</h1>\n<p>\n\n\n \n\n Usted no tiene permiso para acceder al objeto solicitado.\n El objeto está protegido contra lectura o\n el servidor no puede leerlo.\n\n \n\n</p>\n<p>\nSi usted cree que esto es un error del servidor, por favor comuníqueselo al\n<a href=\"mailto:[email protected]\">administrador\ndel portal</a>.\n\n</p>\n\n<h2>Error 403</h2>\n<address>\n <a href=\"/\">localhost</a><br />\n <span>Apache</span>\n</address>\n</body>\n</html>\n\n","status":403,"config":{"method":"PUT","transformRequest":[null],"transformResponse":[null],"jsonpCallbackParam":"callback","url":"admin/api-cms-navitempageblockitem/update?id=1","data":{"json_config_values":{"__e":"__o","headingType":"h1","content":"Title"},"json_config_cfg_values":{"__e":"__o"},"variation":"0"},"headers":{"Accept":"application/json, text/plain, */*","Content-Type":"application/json;charset=utf-8","Authorization":"Bearer 4d14963374ddabbe749c4b1515bbfbd17d971a166c003d89c303dad2f9d28ae36QR9UkMBWL312k9CAmoKbbnfj0qPR3f8","X-CSRF-Token":"H66lfN45ZZJbr6gYDF9bcbQXraziNfllfPvPWpI9Tetr2PQNjE0H4AL340w8MSskzFLmydV_kQsjvoJp33UErg=="},"cached":false,"debugId":26},"statusText":"Forbidden","xhrStatus":"complete"} bower.js:3855:43
e http://localhost/luya/public_html/assets/145b94da/dist/bower.js:3855
get http://localhost/luya/public_html/assets/145b94da/dist/bower.js:2982
g http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4285
$digest http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4733
$apply http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4842
k http://localhost/luya/public_html/assets/145b94da/dist/bower.js:3214
v http://localhost/luya/public_html/assets/145b94da/dist/bower.js:3361
onload http://localhost/luya/public_html/assets/145b94da/dist/bower.js:3383
(Asíncrono: EventHandlerNonNull)
Pg http://localhost/luya/public_html/assets/145b94da/dist/bower.js:3378
s http://localhost/luya/public_html/assets/145b94da/dist/bower.js:3252
b http://localhost/luya/public_html/assets/145b94da/dist/bower.js:3183
k http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4305
$digest http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4733
$apply http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4842
compile http://localhost/luya/public_html/assets/145b94da/dist/bower.js:6275
jQuery 8
compile http://localhost/luya/public_html/assets/145b94da/dist/bower.js:6262
Va http://localhost/luya/public_html/assets/145b94da/dist/bower.js:379
Ca http://localhost/luya/public_html/assets/145b94da/dist/bower.js:2659
p http://localhost/luya/public_html/assets/145b94da/dist/bower.js:2203
g http://localhost/luya/public_html/assets/145b94da/dist/bower.js:1967
g http://localhost/luya/public_html/assets/145b94da/dist/bower.js:1967
g http://localhost/luya/public_html/assets/145b94da/dist/bower.js:1967
g http://localhost/luya/public_html/assets/145b94da/dist/bower.js:1967
p http://localhost/luya/public_html/assets/145b94da/dist/bower.js:2200
g http://localhost/luya/public_html/assets/145b94da/dist/bower.js:1967
da http://localhost/luya/public_html/assets/145b94da/dist/bower.js:1952
Z http://localhost/luya/public_html/assets/145b94da/dist/bower.js:2109
d http://localhost/luya/public_html/assets/145b94da/dist/bower.js:2000
m http://localhost/luya/public_html/assets/145b94da/dist/bower.js:2147
link http://localhost/luya/public_html/assets/145b94da/dist/bower.js:9204
$digest http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4746
$apply http://localhost/luya/public_html/assets/145b94da/dist/bower.js:4842
compile http://localhost/luya/public_html/assets/145b94da/dist/bower.js:6275
jQuery 6
192.168.23.2 - - [06/Nov/2020:16:41:42 -0500] "POST /luya/public_html/admin/api-admin-timestamp HTTP/1.1" 200 393 "http://localhost/luya/public_html/admin" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
192.168.23.2 - - [06/Nov/2020:16:41:45 -0500] "PUT /luya/public_html/admin/api-cms-navitempageblockitem/update?id=1 HTTP/1.1" 403 1042 "http://localhost/luya/public_html/admin" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
192.168.23.2 - - [06/Nov/2020:16:41:46 -0500] "GET /luya/public_html/admin/default/logout?autologout=1 HTTP/1.1" 302 - "http://localhost/luya/public_html/admin" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
192.168.23.2 - - [06/Nov/2020:16:41:46 -0500] "GET /luya/public_html/admin/login?autologout=1 HTTP/1.1" 200 34441 "http://localhost/luya/public_html/admin" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
from luya.
nadar
commented on August 22, 2024
So this is the request which ends into "no authorization" i assume?
"PUT /luya/public_html/admin/api-cms-navitempageblockitem/update?id=1 HTTP/1.1" 403 1042
Based on your information above the auth header is correctly available in the request, made by javascript:
{"Accept":"application/json, text/plain, */*","Content-Type":"application/json;charset=utf-8","Authorization":"Bearer 4d14963374ddabbe749c4b1515bbfbd17d971a166c003d89c303dad2f9d28ae36QR9UkMBWL312k9CAmoKbbnfj0qPR3f8"}
Now you could track the request to /api-cms-navitempageblockitem/update?id= with yii2 debug toolbar, there you can also see the header informations, so we would know if the auth informations is received by this script or not.
from luya.
neoacevedo
commented on August 22, 2024
How do I track it with Yii2 debug toolbar if when is sent is redirected and the request is lost?
from luya.
nadar
commented on August 22, 2024
If yii2 sends the 403 status (redirect) you can see this redirect in the yii debug panel. Don't you find the put request? Then its already a problem that the request does not even receive the yii application.
Maybe its like the request does not even recieve the yii application, if i look at the response from the server (the "data" attribute from your xhr request above):
<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"\n \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n
<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">
\n
<head>
\n
<title>¡Acceso prohibido!</title>
\n
<link rev=\"made\" href=\"mailto:[email protected]\" />
\n
<style type=\"text/css\">
<!--/*--><![CDATA[/*><!--*/ \n body { color: #000000; background-color: #FFFFFF; }\n a:link { color: #0000CC; }\n p, address {margin-left: 3em;}\n span {font-size: smaller;}\n/*]]>*/-->
</style>
\n
</head>
\n\n
<body>
\n
<h1>¡Acceso prohibido!</h1>
\n
<p>\n\n\n \n\n Usted no tiene permiso para acceder al objeto solicitado.\n El objeto está protegido contra lectura o\n el servidor no puede leerlo.\n\n \n\n</p>
\n
<p>\nSi usted cree que esto es un error del servidor, por favor comuníqueselo al\n<a href=\"mailto:[email protected]\">administrador\ndel portal</a>.\n\n</p>
\n\n
<h2>Error 403</h2>
\n
<address>\n <a href=\"/\">localhost</a><br />\n <span>Apache</span>\n</address>
\n
</body>
\n
</html>
\n\n"This looks like an apache server message, not an yii application error message. So its a problem with your webserver, not with LUYA i would say.
from luya.
nadar
commented on August 22, 2024
Maybe there is a request verb limitation somewhere in your apache config? https://stackoverflow.com/a/25752881/4611030
from luya.
nadar
commented on August 22, 2024
@neoacevedo any news on this? could you please try the latest admin version 3.8?
from luya.
nadar
commented on August 22, 2024
UPDATE: Finally it worked, the htaccess directive and updating the admin version.
very nice. Thanks for the report @neoacevedo
from luya.
Related Issues (20)
- Option to disable luya boot process
- Disable autoRegisterCsrf HOT 1
- Website LInk Hash
- The console controller can only run within a console Application context. HOT 8
- How I get config data in frontend? HOT 5
- Trying to get in touch with you regarding a security issue HOT 1
- ./vendor/bin/luya import not working 'PDOException' with message 'could not find driver' [docker] HOT 4
- How to use normal MVC in an admin module controller? HOT 21
- Get moduleId for Dashboard object
- [Install] Composer error HOT 6
- use `getLangShortCode()` instead. Will be removed in version 3.0 HOT 5
- Console theme/create report error HOT 5
- Wrong namespace in story theme HOT 7
- website resources HOT 8
- update readme links
- update core folder links
- update docs folder links
- update tests folder links
- Add to language helper in Url class HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from luya.