bar.js won't load if current URL 404s due to apache restrictions #407
Comments
|
Thanks @dg for the explanation. Can you think of a way to accommodate that as well as ensuring Tracy can still load in the scenario described above, or should I just close this because it's something we just need to live with? |
|
I do not understand why you can visit |
|
It's possible to visit both. Here is the htaccess file (https://github.com/processwire/processwire/blob/master/htaccess.txt) that contains that rule noted in the OP. I misspoke above when I said it prevents complete access to PHP, but it does prevent
http://pwtest.test/blah/ loads Tracy fine (even though that page still doesn't exist. Of course thes request is making use of mod_rewrite as you can see in the htaccess I just linked to: If I remove that Does that explain it better? Thanks. |
|
Oh, so problem is that Apache returns 404. So solution is to add |
|
I think that point is, that Tracy GET is not even executed, because the Apache denied access before a rewrite rule to index.php is done. |
|
If Tracy appears on the url |
Tracy doesn't appear at that URL - it gives the errors I showed here: #407 (comment) Tracy does appear at: http://pwtest.test/blah (note the missing apostrophe), because the htaccess rule isn't getting invoked and isn't preventing the rewrite at the bottom of the file to Here are some interesting results - note the graphics show the request for the URL itself and then the URL with the tracy get params. http://pwtest.test/blah (no apostrophe)
http://pwtest.test/bla'h (with apostrophe)
So you can see that the request which includes the Do those help explain things? |
|
When I said that Tracy appears I meant that Tracy is enabled (and generates some HTML output). So I don't understand why is Tracy enabled on http://pwtest.test/bla'h but not on http://pwtest.test/bla'h?xxx. Maybe GET parameters aren't passed correctly to PHP. Or maybe there is something in source code that prevents Tracy to do its work. |
|
Sorry, I must be being dumb here, but I don't see that Tracy is generating any HTML output on http://pwtest.test/bla'h - what output are you referring to? |
|
Something like |
|
Well, I do get this when viewing http://pwtest.test/bla'h?_tracy_bar=js&v=2.7.3&XDEBUG_SESSION_STOP=1 directly:
|
|
So try to dump $_GET parameters on this page. |
Returns an empty array |
|
So it is misconfiguration of Apache. Probably somewhere is RewriteRule without QSA. |
|
Ok, so I went looking and it turns out it's this: which prevents the query string parameters from making it to Processwire's 404 handler. Seems like it might be possible to implement a solution in ProcessWire that makes use of Sorry for the time you spent on this today - it just seemed like a weird way to load Tracy's JS file, I wanted to make sure something couldn't be done at this end. |
Version: 2.7.3
Bug Description
If you visit a URL that is blocked by apache (ie before it hits PHP), eg:
http://pwtest.test/hjk'k
when there is an Apache rule like:
preventing access to a URL with a
'.you get the following error:
GET http://pwtest.test/bla'h/?_tracy_bar=js&v=2.7.3&XDEBUG_SESSION_STOP=1 net::ERR_ABORTED 404 (Page Not Found)
Possible Solution
I am not sure the relevance of using
<?= Helpers::escapeHtml($baseUrl) ?>here:tracy/src/Tracy/Bar/assets/loader.phtml
Line 22 in f1d0d25
Is there a reason the full URL to the page is needed here? If the path is changed to the root of the site, eg: http://pwtest.test/?_tracy_bar=js&v=2.7.3&XDEBUG_SESSION_STOP=1 then it loads as expected, but perhaps there is a need for the full url to the current page that I am not aware of.
Thanks.
The text was updated successfully, but these errors were encountered: