Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Installing SilverStripe /

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Can't change content - 400 ERROR


Reply


7 Posts   1911 Views

Avatar
pietro

Community Member, 18 Posts

2 June 2010 at 8:40am

Hi there,

I have a fresh 2.4.0 install. I can't update the default content of any of the pages. I invariably get a red error at the left bottom corner of the cms page saying "error saving content"

The firebug error goes as follow:
____________________________________________
400//SecurityID doesn't match, possible CSRF attack.

http://www.mysite.org/sapphire/thirdparty/prototype/prototype.js?m=1274042015
Line 658

(?)()
these()
getTransport()
initialize(Object { name="url"}, Object { name="options"})
create()protot...4042015 (line 25)
save(Object { name="ifChanged"}, Object { name="callAfter"}, Object { name="action"}, Object { name="publish"})
action_save_right()
onclick(Object { name="e"})
[Break on this error] function() {return new ActiveXObject('Microsoft.XMLHTTP')},\n

_______________________________________________

I suspect this has to do with my server configuration but i have no idea how to solve the problem. I have read the forum but none of the available solutions has worked for me.

Any help will be much appreciated,

Best,

Avatar
Sean

Forum Moderator, 922 Posts

2 June 2010 at 8:34pm

Edited: 02/06/2010 8:35pm

In your mysite/_config.php, try adding this line at the bottom:

Security::disable_all_security_tokens()

Are there any additional errors reported in Firebug this time?

Sean

Avatar
pietro

Community Member, 18 Posts

3 June 2010 at 4:16am

Edited: 03/06/2010 8:16am

Thank you Sean. I added the line at the end the config.php file and i get the following error when i try to visit the home page in my browser.

Fatal error: Call to undefined method Security::disable_all_security_tokens() in /mysite/_config.php on line 37

At the moment i don't have any more Firebug errors messages.

Any more suggestions?

Avatar
Sean

Forum Moderator, 922 Posts

3 June 2010 at 9:58am

Hi there,

Sorry, my mistake. Try the following instead:

Form::disable_all_security_tokens();

Sean

Avatar
pietro

Community Member, 18 Posts

3 June 2010 at 11:01am

I appreciate all your help Sean. It worked!!!

Avatar
Sean

Forum Moderator, 922 Posts

3 June 2010 at 10:53pm

Great to hear that!

Still unsure why the security tokens aren't working properly though...

Avatar
Nobrainer Web

Community Member, 137 Posts

28 October 2011 at 9:06am

Edited: 10/11/2011 1:08am

UPDATE: made the trailing slash rewrite ignore the login, by adding RewriteCond %{REQUEST_URI} !^/Security

I had this error after trying to redirect all url's not ending with a slash "/" to url with slash www.example.com to www.example.com/.
The code i was using messed up the admin sections and i could not save to DB.

The following code works to 301 redirect all urls to end with a slash / (Not well tested):
   
   RewriteEngine On
   
   RewriteBase /

   RewriteCond %{HTTP_HOST} !^(www\.)example\.com$ [NC]
   RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

   #RewriteCond %{REQUEST_URI} !\.[^./]+$
   #RewriteCond %{REQUEST_URI} !(.*)/$
   #RewriteRule ^(.*)$ http://www.example.com/$1/ [R=301,L]
   
   ### CHECK FOR TRAILING SLASH - Will ignore admin area, login and files
   RewriteCond %{REQUEST_URI} !^/admin
   RewriteCond %{REQUEST_URI} !^/Security

   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_URI} !/$
   RewriteCond %{REQUEST_URI} !(.*)/$
   RewriteRule ^(.*)$ $1/ [L,R=301]   

--
Thomas B. Nielsen
[url=http://www.nobrainer.dk/services/webdesign/]webdesign[/url]