If I try to visit an invalid image url e.g. example.com/images/non-existent-image an error is thrown: Symfony\\Component\\Routing\\Exception\\ResourceNotFoundException
How should I prevent this, is there a specific route(-requirement) I should add, or should I use something like a .htaccess rule?
Thanks
If it was a permission error you would get sth like permission denies. Check again the path...also check that you have placed the folder images in the proper directory in server (try moving images/ in the same directory where directory WEB-INF is..files under WEB-INF cannot be accessed for security reasons)
Okay the answer to this question is twofold.
First of all: Yes, static resources should not be requested via the front controller (as per thecatontheflat's comment). Symfony has a rule in the .htaccessfile distributed with the standard edition:
# If the requested filename exists, simply serve it.
# We only want to let Apache serve files and not directories.
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule .? - [L]
As it turned out, my problem was somewhere else. It is normal for symfony to throw the ResouceNotFoundException. However , this error should be caught and should create a 404 instead. This was not happening because I was using IS_GRANTEDin my error template. (Also see stof's comment here)
Related
I'm trying to code a F3 ("Fat Free Framework") application using PhpStorm and XAMPP on Linux.
In order to make use of the .htaccess file provided by F3 necessary for the RewriteEngine (see the comments as why this is wrong), I launch my code using the following special run configuration :
I launch the run configuration, which starts the Web Server. I open a browser and go to http://localhost:8000/ . I can see the content, and the links work and I can navigate from page to page, per the routes defined.
But none of the CSS is there. If I click on "view-source" and click on the CSS link, I get the 404 Not Found message from F3. So, it seems that for some reason, F3 is blocking CSS files.
The beginning of the webpage is as follow:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>A title</title>
<link href="{{#BASE}}/f3style.css" rel="stylesheet" type="text/css" />
</head>
Although the #BASE variable is empty in my case. The "f3style.css" file is really at the root of my web directory currently.
I use the default .htaccess file recommended by F3:
RewriteEngine On
# Uncommenting the following line has no effect
# RewriteBase /
RewriteRule ^(app|tmp)\/|\.ini$ - [R=404]
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L,QSA]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
(Again, see the comments as to why the .htaccess file is irrelevant here)
And here are my routes. They are in "index.php":
<?php
$f3 = require('lib/base.php');
// Routes
require 'controller.php';
$f3->route('GET /index.php', 'Controller->showMain');
$f3->route('GET /', 'Controller->showMain' );
$f3->route('GET /items/#item', 'Controller->showItem');
$f3->run();
Any idea what I should look for?
Based on the screenshot you are using PHP's built-in web server. The thing is: it does not support .htaccess. Therefore all HTTP requests go to your router script (framework/index.php -- part of the F3 app I guess).
I'm not familiar with how F3 routing works, but I'd assume it's the same as any other: it goes through all registered routes/endpoints and if no match found it will report "404 Not Found" response.
Since there are no rules from .htaccess in place to filter out requests for such static/existing files (css/jpg/png/js etc), the request goes through your index.php, through the whole routing table and it's F3 that reports that 404 error back to the browser (when no matching route was found).
There are a few possible solutions here:
Create a separate route(s) for such static resources and serve them there from your F3 code (your code needs to locate a file and send a response with the right headers etc.)
Not really worth implementing it this way TBH (since it's just to handle this specific situation / under PHP's web server).
Do a pre-filter and ignore any requests to such static files. When using PHP's web server it's a matter of returning false in the router script (which tells PHP to use built-in web server code to serve such request). Look at the sample from the following link and add a similar one to your code: https://www.php.net/manual/en/features.commandline.webserver.php#example-426
if (preg_match('/\.(?:png|jpg|jpeg|gif|css)$/', $_SERVER["REQUEST_URI"])) return false;
NOTE: you can add it right into the existing index.php like you did (at the top, after all use lines but before actual code lines) but this means that you are hardcoding such specific-to-PHP's-web-server-only logic into the script that can run under a proper web server.
Instead I suggest creating a separate router script (e.g. php-router.php and use it instead of index.php from your screenshot) where you will do this and if execution will pass that condition, only then call the code from your real index.php (i.e. require './index.php'; or alike)
Why not use Apache web server from your XAMPP to serve the whole site in the first place?
Once Apache is running it handles ALL of the virtual hosts (that you can access via fake domain name in your OS' hosts file or by having website on a custom dedicated port) -- no need to launch each site separately.
Apache obviously fully supports .htaccess and always better/more features/more close to the production environment than for-dev-only PHP's built-in web server (mod_rewrite and other modules).
I have problem when I Try Display Image on my login page It doesn't appear
<?= $this->Html->image('crm.jpg', ['alt' => 'User image']); ?>
When I check the console on Chrome
Failed to load resource: the server responded with a status of 404 (Not Found)
When I try accessing http://localhost/intellix/img/crm.jpg it says
Error: ImgController could not be found.
Which isn't needed.
crm.jpg is located in webroot/img/
Now the weird part if i change crm with another image name ex: silhouette.png it works fine but so far it only worked with this one
Any Ideas ?
(Note : Using Chrome Cakephp Sublime text Up to date)
Edit : I had the same problem trying to load CSS Scripts Files
It seems that your image crm.jpg does not exist. In this case, CakePHP is routing the request to ImgController. Is the image silhouette.png located in the same directory?
A second thing might be the access right. Maybe it is not readable? Check the access rights and make it at least readable for all.
the problem was indeed in access right in this file
.htaccess inside webroot folder
There was this line which I added
RewriteRule ^(.*)$ index.php [QSA,L]
Restoring it to default Removing it did the trick
I have an rewrite recursion error somewhere on my website that Google Bot caused, but I can't find the url that caused it because my Loglevel is low. I raised it but it has not happened again so far.
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
All Rewriterules look fine to me and have the [L] flag, except this one.
I can't quite understand it. It is from the open source shop system Magento.
As far as I can tell it does nothing but sets the environment variable E. But isn't that a very stupid way of doing that? Shouldn't you use SetEnv if that was the goal?
Symfony developers Group has a good answer for it. I quote:
it looks like your hosting is running php as a fcgi, not a php5_module, like your localhost does. ( phpinfo - Server API: CGI/FastCGI )
the point is that php5_module automatically handles HTTP_AUTHORIZATION headers, but fcgi_module does not.
solution is simple - add this line to your .htacces on your hosting server:
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
It worked for me
This line is setting the environment variable to the value of user authentication string - essentially setting a variable rather than constant value. As far as I know, SetEnv and SetEnvIf only allow you to set an environment variable to a predetermined constant.
The variable being set is actually HTTP_AUTHORIZATION, not E. I would guess this is part of the user authentication process.
I try to use AvalancheImagineBundle and I don't understand how it can works in production environment.
The default cache_prefix is media/cache. All cached images will be in the myProject/web/media/cache directory and it's also a Symfony2 route :
Name Method Scheme Host Path
_imagine_thumbnail GET ANY ANY /uploads/cache/{filter}/{path}
If I do a test on this url "http://my-project.fr/app.php/", the bundle works fine:
The first time, I try to show the /app.php/media/cache/thumbnail/profile.jpg picture. The Symfony2 route is caught. The bundle return the cropped picture and cache it.
The second time, the route is caught again and the bundle redirects me to the cached picture /media/cache/
In short, the first time /app.php/media/cache -> bundle, and second time /media/cache -> assets
But in production environment, app.php is missing so how the bundle can do the difference ?
I'm not familiar with lighttpd, so I can only point you to a direction where to look.
The "switch" is done via .htaccess, here are two relevant lines and explanation:
# If request is an existing file, then it's simply returned
RewriteCond %{REQUEST_FILENAME} !-f
# Else the request is pushed to the app.php front controller
RewriteRule ^(.*)$ app.php/$1 [QSA,L]
I think you're missing first part of this config.
P.S. Note that app.php isn't actually missing, it's just "hidden".
The -f option does not exist in lighttpd so I switch to apache2 and everything work well.
Most htaccess 404 error rules are based on an absolute directory location, eg /404.php. I want one that is relative to the location it's placed in (so when I transfer from test environment in WAMP to live, I don't have to hope I edit the file right).
Unfortunately,
ErrorDocument 404 404Error.php
Just prints out 404Error.php to the browser, it doesn't call the actual error page like
ErrorDocument 404 /FOOBAR/404Error.php
does.
Edit:
I guess I wasn't clear enough. Test environment is a WAMP local server, with the error file at /FOOBAR/404Error.php while the 'live' server would be www.fubar.com/404error.php -- placing it in the root.
How's this?
ErrorDocument 404 ../directory/404page.html
RewriteBase /FOOBAR/
ErrorDocument 404 404Error.php
This works too, but Tycho's solution is a bit more elegant. Only use this one if you don't plan on using .htaccess for anything outside of /FOOBAR/ pretty much.