Joss Posted December 31, 2014 Share Posted December 31, 2014 Okay, trying to put a site up for a client and am getting the dreaded "This request was aborted because it appears to be forged." I have tried: Checking all permissions (755/644 making sure the sessions/cache/logs any else is there Add bits to config replacing index.php Everthing that Nico suggests in his trouble shooting guide I emptied the sessions directory Turning on Debug gives a warning: Warning: Cannot modify header information - headers already sent by (output started at /home/meinthem/public_html/xxxxx/site/config.php:1) in /home/meinthem/public_html/xxxxxx/wire/core/admin.php on line 14 And the longer winded version of the original error: TemplateFile: This request was aborted because it appears to be forged.<pre>#0 /home/meinthem/public_html/xxxxxx/wire/modules/Inputfield/InputfieldForm.module(66): SessionCSRF->validate() #1 [internal function]: InputfieldForm->___processInput(Object(WireInputData)) #2 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #3 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('processInput', Array) #4 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessLogin/ProcessLogin.module(70): Wire->__call('processInput', Array) #5 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessLogin/ProcessLogin.module(70): InputfieldForm->processInput(Object(WireInputData)) #6 [internal function]: ProcessLogin->___execute() #7 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #8 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('execute', Array) #9 /home/meinthem/public_html/xxxxxx/wire/core/ProcessController.php(213): Wire->__call('execute', Array) #10 /home/meinthem/public_html/xxxxxx/wire/core/ProcessController.php(213): ProcessLogin->execute() #11 [internal function]: ProcessController->___execute() #12 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #13 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('execute', Array) #14 /home/meinthem/public_html/xxxxxx/wire/core/admin.php(85): Wire->__call('execute', Array) #15 /home/meinthem/public_html/xxxxxx/wire/core/admin.php(85): ProcessController->execute() #16 /home/meinthem/public_html/xxxxxx/wire/modules/AdminTheme/AdminThemeReno/controller.php(13): require('/home/meinthem/...') #17 /home/meinthem/public_html/xxxxxx/site/templates/admin.php(15): require('/home/meinthem/...') #18 /home/meinthem/public_html/xxxxxx/wire/core/TemplateFile.php(169): require('/home/meinthem/...') #19 [internal function]: TemplateFile->___render() #20 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #21 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('render', Array) #22 /home/meinthem/public_html/xxxxxx/wire/modules/PageRender.module(356): Wire->__call('render', Array) #23 /home/meinthem/public_html/xxxxxx/wire/modules/PageRender.module(356): TemplateFile->render() #24 [internal function]: PageRender->___renderPage(Object(HookEvent)) #25 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #26 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('renderPage', Array) #27 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(363): Wire->__call('renderPage', Array) #28 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(363): PageRender->renderPage(Object(HookEvent)) #29 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('render', Array) #30 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessPageView.module(172): Wire->__call('render', Array) #31 /home/meinthem/public_html/xxxxxx/wire/modules/Process/ProcessPageView.module(172): Page->render() #32 [internal function]: ProcessPageView->___execute(true) #33 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(341): call_user_func_array(Array, Array) #34 /home/meinthem/public_html/xxxxxx/wire/core/Wire.php(296): Wire->runHooks('execute', Array) #35 /home/meinthem/public_html/xxxxxx/index.php(231): Wire->__call('execute', Array) #36 /home/meinthem/public_html/xxxxxx/index.php(231): ProcessPageView->execute(true) #37 {main}</pre> This is on a server where I have had no problems before and I am at a complete loss what to do next. Any thoughts? Link to comment Share on other sites More sharing options...
ryan Posted December 31, 2014 Share Posted December 31, 2014 Joss, what's on config.php line 1? That's an unusual error to see there. I would guess that when the files were uploaded the encoding got changed somehow? Though double check that you don't have some whitespace prepended in your config.php file. Make sure the first thing in it is a <?php with nothing before it. But if everything looks normal, I would guess that when you uploaded the files something got changed. If they got FTP'd in as ascii, try putting them in as binary. Also, for a quick fix, turn off CSRF protection in your /site/config.php file: $config->protectCSRF = false; But i have a feeling that something might be up with the file encoding, which would cause other problems even if you get the CSRF one fixed. 2 Link to comment Share on other sites More sharing options...
Joss Posted December 31, 2014 Author Share Posted December 31, 2014 Clever chap! There was around 30 characters of white space between the very front of the file and the <?php removing that did it. How would that have effected it? EDIT: I had tried turning off CRSF protection already, but it made no difference, other than adding the header problem Link to comment Share on other sites More sharing options...
ryan Posted December 31, 2014 Share Posted December 31, 2014 Joss, glad that did it! Here's why it caused the error: Cookies are set in the http headers. When PHP sends output before the http headers (as would be the case if you had characters before an opening PHP tag) then it wouldn't be possible to set cookies. The result is that it wasn't able to set the CSRF cookie, so when it went to check if there was a valid CSRF cookie there wasn't, making it think it was forged. 2 Link to comment Share on other sites More sharing options...
Joss Posted December 31, 2014 Author Share Posted December 31, 2014 Ah .... well, that is another one to add to Nico's check list Thanks Ryan! Link to comment Share on other sites More sharing options...
shamus Posted January 23, 2015 Share Posted January 23, 2015 I'm running PW 2.5.3 and am experiencing the dreaded "TemplateFile: This request was aborted because it appears to be forged." error described herein while trying to log into the admin interface AND using a mobile device running iOS. I have tested the admin login successfully using droid mobile devices (both phone and tablets) , along w/ most desktop browsers including IE8-11, FF29+, and most recent Opera and Safari versions. Curious if anyone has experienced the same thing w/ iOS 7 and has a recommended fix? ------------ PLEASE IGNORE: FIXED ----------------------------------Cookies must be enabled...had wrong settings. Link to comment Share on other sites More sharing options...
Jeroen Posted August 24, 2016 Share Posted August 24, 2016 i got this error on my local machine, using Blisk, an awesome browser for developers. adding this to your config.php will make things work again $config->protectCSRF = false; Link to comment Share on other sites More sharing options...
LostKobrakai Posted August 24, 2016 Share Posted August 24, 2016 Disabling csrf, while apparently making it work for you, will also make your site vulnerable to csrf attacks, therefore it's not recommended to do that. 2 Link to comment Share on other sites More sharing options...
szabesz Posted August 25, 2016 Share Posted August 25, 2016 12 hours ago, Jeroen said: using Blisk, an awesome browser for developers. This is the first time I've heard of this browser. Looks awesome and luckily based on Chromium! (I got used to its dev tools and I'm sort of lost when using other browsers' dev tools.) Thanks for the tip! 2 Link to comment Share on other sites More sharing options...
Jeroen Posted August 25, 2016 Share Posted August 25, 2016 Thanks @LostKobrakai, I'm aware. I use the browser to debug. Will remove the setting afterwards @szabesz You're welcome! 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now