Joss Posted December 31, 2014 Posted December 31, 2014 Okay, trying to put a site up for a client and am getting the dreaded "This request was aborted because it appears to be forged." I have tried: Checking all permissions (755/644 making sure the sessions/cache/logs any else is there Add bits to config replacing index.php Everthing that Nico suggests in his trouble shooting guide I emptied the sessions directory Turning on Debug gives a warning: Warning: Cannot modify header information - headers already sent by (output started at /home/meinthem/public_html/xxxxx/site/config.php:1) in /home/meinthem/public_html/xxxxxx/wire/core/admin.php on line 14 And the longer winded version of the original error: TemplateFile: This request was aborted because it appears to be forged.<pre>#0 /home/meinthem/public_html/xxxxxx/wire/modules/Inputfield/InputfieldForm.module(66): SessionCSRF->validate() #1 [internal function]: InputfieldForm->___processInput(Object(WireInputData)) #2 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #3 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('processInput', Array) #4 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessLogin/ProcessLogin.module(70): Wire->__call('processInput', Array) #5 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessLogin/ProcessLogin.module(70): InputfieldForm->processInput(Object(WireInputData)) #6 [internal function]: ProcessLogin->___execute() #7 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #8 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('execute', Array) #9 /home/meinthem/public_html/xxxxxx/wire/core/ProcessController.php(213): Wire->__call('execute', Array) #10 /home/meinthem/public_html/xxxxxx/wire/core/ProcessController.php(213): ProcessLogin->execute() #11 [internal function]: ProcessController->___execute() #12 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #13 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('execute', Array) #14 /home/meinthem/public_html/xxxxxx/wire/core/admin.php(85): Wire->__call('execute', Array) #15 /home/meinthem/public_html/xxxxxx/wire/core/admin.php(85): ProcessController->execute() #16 /home/meinthem/public_html/xxxxxx/wire/modules/AdminTheme/AdminThemeReno/controller.php(13): require('/home/meinthem/...') #17 /home/meinthem/public_html/xxxxxx/site/templates/admin.php(15): require('/home/meinthem/...') #18 /home/meinthem/public_html/xxxxxx/wire/core/TemplateFile.php(169): require('/home/meinthem/...') #19 [internal function]: TemplateFile->___render() #20 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #21 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('render', Array) #22 /home/meinthem/public_html/xxxxxx/wire/modules/PageRender.module(356): Wire->__call('render', Array) #23 /home/meinthem/public_html/xxxxxx/wire/modules/PageRender.module(356): TemplateFile->render() #24 [internal function]: PageRender->___renderPage(Object(HookEvent)) #25 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #26 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('renderPage', Array) #27 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(363): Wire->__call('renderPage', Array) #28 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(363): PageRender->renderPage(Object(HookEvent)) #29 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('render', Array) #30 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessPageView.module(172): Wire->__call('render', Array) #31 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessPageView.module(172): Page->render() #32 [internal function]: ProcessPageView->___execute(true) #33 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #34 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('execute', Array) #35 /home/meinthem/public_html/xxxxxx/index.php(231): Wire->__call('execute', Array) #36 /home/meinthem/public_html/xxxxxx/index.php(231): ProcessPageView->execute(true) #37 {main}</pre> This is on a server where I have had no problems before and I am at a complete loss what to do next. Any thoughts?
ryan Posted December 31, 2014 Posted December 31, 2014 Joss, what's on config.php line 1? That's an unusual error to see there. I would guess that when the files were uploaded the encoding got changed somehow? Though double check that you don't have some whitespace prepended in your config.php file. Make sure the first thing in it is a <?php with nothing before it. But if everything looks normal, I would guess that when you uploaded the files something got changed. If they got FTP'd in as ascii, try putting them in as binary. Also, for a quick fix, turn off CSRF protection in your /site/config.php file: $config->protectCSRF = false; But i have a feeling that something might be up with the file encoding, which would cause other problems even if you get the CSRF one fixed. 2
Joss Posted December 31, 2014 Author Posted December 31, 2014 Clever chap! There was around 30 characters of white space between the very front of the file and the <?php removing that did it. How would that have effected it? EDIT: I had tried turning off CRSF protection already, but it made no difference, other than adding the header problem
ryan Posted December 31, 2014 Posted December 31, 2014 Joss, glad that did it! Here's why it caused the error: Cookies are set in the http headers. When PHP sends output before the http headers (as would be the case if you had characters before an opening PHP tag) then it wouldn't be possible to set cookies. The result is that it wasn't able to set the CSRF cookie, so when it went to check if there was a valid CSRF cookie there wasn't, making it think it was forged. 2
Joss Posted December 31, 2014 Author Posted December 31, 2014 Ah .... well, that is another one to add to Nico's check list Thanks Ryan!
shamus Posted January 23, 2015 Posted January 23, 2015 I'm running PW 2.5.3 and am experiencing the dreaded "TemplateFile: This request was aborted because it appears to be forged." error described herein while trying to log into the admin interface AND using a mobile device running iOS. I have tested the admin login successfully using droid mobile devices (both phone and tablets) , along w/ most desktop browsers including IE8-11, FF29+, and most recent Opera and Safari versions. Curious if anyone has experienced the same thing w/ iOS 7 and has a recommended fix? ------------ PLEASE IGNORE: FIXED ----------------------------------Cookies must be enabled...had wrong settings.
Jeroen Posted August 24, 2016 Posted August 24, 2016 i got this error on my local machine, using Blisk, an awesome browser for developers. adding this to your config.php will make things work again $config->protectCSRF = false;
LostKobrakai Posted August 24, 2016 Posted August 24, 2016 Disabling csrf, while apparently making it work for you, will also make your site vulnerable to csrf attacks, therefore it's not recommended to do that. 2
szabesz Posted August 25, 2016 Posted August 25, 2016 12 hours ago, Jeroen said: using Blisk, an awesome browser for developers. This is the first time I've heard of this browser. Looks awesome and luckily based on Chromium! (I got used to its dev tools and I'm sort of lost when using other browsers' dev tools.) Thanks for the tip! 2
Jeroen Posted August 25, 2016 Posted August 25, 2016 Thanks @LostKobrakai, I'm aware. I use the browser to debug. Will remove the setting afterwards @szabesz You're welcome! 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now