Jump to:

4950 Posts in 13975 Topics by 1490 members

Installing SilverStripe

SilverStripe Forums » Installing SilverStripe » Can't change content - 400 ERROR

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 1858 Views
  • pietro
    Avatar
    Community Member
    18 Posts

    Can't change content - 400 ERROR Link to this post

    Hi there,

    I have a fresh 2.4.0 install. I can't update the default content of any of the pages. I invariably get a red error at the left bottom corner of the cms page saying "error saving content"

    The firebug error goes as follow:
    ____________________________________________
    400//SecurityID doesn't match, possible CSRF attack.

    http://www.mysite.org/sapphire/thirdparty/prototype/prototype.js?m=1274042015
    Line 658

    (?)()
    these()
    getTransport()
    initialize(Object { name="url"}, Object { name="options"})
    create()protot...4042015 (line 25)
    save(Object { name="ifChanged"}, Object { name="callAfter"}, Object { name="action"}, Object { name="publish"})
    action_save_right()
    onclick(Object { name="e"})
    [Break on this error] function() {return new ActiveXObject('Microsoft.XMLHTTP')},\n

    _______________________________________________

    I suspect this has to do with my server configuration but i have no idea how to solve the problem. I have read the forum but none of the available solutions has worked for me.

    Any help will be much appreciated,

    Best,

  • Sean
    Avatar
    Forum Moderator
    921 Posts

    Re: Can't change content - 400 ERROR Link to this post

    In your mysite/_config.php, try adding this line at the bottom:

    Security::disable_all_security_tokens()

    Are there any additional errors reported in Firebug this time?

    Sean

  • pietro
    Avatar
    Community Member
    18 Posts

    Re: Can't change content - 400 ERROR Link to this post

    Thank you Sean. I added the line at the end the config.php file and i get the following error when i try to visit the home page in my browser.

    Fatal error: Call to undefined method Security::disable_all_security_tokens() in /mysite/_config.php on line 37

    At the moment i don't have any more Firebug errors messages.

    Any more suggestions?

  • Sean
    Avatar
    Forum Moderator
    921 Posts

    Re: Can't change content - 400 ERROR Link to this post

    Hi there,

    Sorry, my mistake. Try the following instead:

    Form::disable_all_security_tokens();

    Sean

  • pietro
    Avatar
    Community Member
    18 Posts

    Re: Can't change content - 400 ERROR Link to this post

    I appreciate all your help Sean. It worked!!!

  • Sean
    Avatar
    Forum Moderator
    921 Posts

    Re: Can't change content - 400 ERROR Link to this post

    Great to hear that!

    Still unsure why the security tokens aren't working properly though...

  • Nobrainer Web
    Avatar
    Community Member
    134 Posts

    Re: Can't change content - 400 ERROR Link to this post

    UPDATE: made the trailing slash rewrite ignore the login, by adding RewriteCond %{REQUEST_URI} !^/Security

    I had this error after trying to redirect all url's not ending with a slash "/" to url with slash www.example.com to www.example.com/.
    The code i was using messed up the admin sections and i could not save to DB.

    The following code works to 301 redirect all urls to end with a slash / (Not well tested):
       
       RewriteEngine On
       
       RewriteBase /

       RewriteCond %{HTTP_HOST} !^(www\.)example\.com$ [NC]
       RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

       #RewriteCond %{REQUEST_URI} !\.[^./]+$
       #RewriteCond %{REQUEST_URI} !(.*)/$
       #RewriteRule ^(.*)$ http://www.example.com/$1/ [R=301,L]
       
       ### CHECK FOR TRAILING SLASH - Will ignore admin area, login and files
       RewriteCond %{REQUEST_URI} !^/admin
       RewriteCond %{REQUEST_URI} !^/Security

       RewriteCond %{REQUEST_FILENAME} !-f
       RewriteCond %{REQUEST_URI} !/$
       RewriteCond %{REQUEST_URI} !(.*)/$
       RewriteRule ^(.*)$ $1/ [L,R=301]   

    --
    Thomas B. Nielsen
    webdesign

    1858 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.