Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

DataObjectManager Module /

Discuss the DataObjectManager module, and the related ImageGallery module.

Moderators: martimiz, UncleCheese, Sean, Ed, biapar, Willr, Ingo, swaiba

'HTTP Error' Uploading Documents using FileDataObjectManager

Go to End

46 Posts   9796 Views


Community Member, 12 Posts

3 December 2010 at 10:46am

I'm was experiencing this issue as well, but I was able to learn some things that fixed my problem and may help others. For me, the "HTTP Error" appeared briefly, but the file(s) do upload correctly if I'm logged in as admin. Some file extensions would not upload correctly if I was not admin.

I'm using MultipleFileUploadField in a slightly unique way where we provide a bulk upload to a folder, but the files are not linked at all by a field on a DataObject.

SS: 2.4.3
display_errors is set to 1, dev mode enabled, UploadifyField::show_debug(); set.

I was receiving an email like so:

Error: Uncaught ValidationException: Validation error writing a File object: Extension is not allowed (valid: , ace, arc, arj, asf, au, avi, bmp, bz2, cab, cda, css, csv, dmg, doc, docx, flv, gif, gz, hqx, htm, html, ico, jar, jpeg, jpg, js, m4a, m4v, mid, midi, mkv, mov, mp3, mp4, mpa, mpeg, mpg, ogg, pages, pcx, pdf, pkg, png, pps, ppt, pptx, ra, ram, rm, rtf, sit, sitx, swf, tar, tgz, tif, tiff, txt, wav, wma, wmv, xhtml, xls, xlsx, xml, zip, zipx). Object not written.
At line 931 in /Enterprise_designkh/kh/sapphire/core/model/DataObject.php

I only receive this message for types which are not listed of course, but as I mentioned: if I was logged in as an admin they would still be uploaded. For example, I receive the HTTP Error notice when uploading an exe, but not when uploading a .zip.
However, Uploadify debug info shows:

fileExt: *.*

It looks like the way to modify allowed extensions is a bit clunky: you have to set File::allowed_extensions and update the .htaccess file in the assets folder.

To add extensions to File::allowed_extensions I put the following into _config.php. You could use array_merge() or something if you wanted to add more than one and keep the code pretty.

File::$allowed_extensions[] = "exe";

Then you can either edit the .htaccess file in the assets folder—there are instructions in that file provided with SilverStripe—or you can just delete the /assets/.htaccess file, though that may not be a good security practice.

After making those changes my problems have gone away and everything works fine now.
As a final thought, could be nice if the extensions set on Uploadify were able to overwrite the File::allowed_extensions, but is it possible to dynamically overwrite the .htaccess file extensions list??


Community Member, 42 Posts

3 December 2010 at 11:45pm

Hmm ... interesting... but I have also HTTP Error when I'm logged in as Admin ... and with different file types.


Community Member, 5 Posts

4 December 2010 at 12:41am

I also get the 'HTTP Error' with allowed image file types and when logged in as an admin. My issue is definitely related to authentication though, as I can see the system redirecting to the login page when using WireShark. Unfortunately, I'm having trouble pin pointing where it's redirecting to the login page.


Community Member, 37 Posts

9 December 2010 at 4:54am

Edited: 09/12/2010 4:55am

Hi all,
I was just posting about this issue on
But this seems to be an Uploadify issue or more, a swfupload issue.

The Flash plugin on Mac is not handling the session okay so a redirect is the result to the login page.

But now I hope someone finds a solution to get the session okay to the uploader. I'll keep trying because this is a big issue for me at the moment but my knowledge of this is little.
Would it be possible to sent the session als GET var in the action.url of uploadify? (just a thought)


Forum Moderator, 4102 Posts

9 December 2010 at 5:37am

The session id is passed along with the Flash request. You'll see in uploadify/_config.php that the session id is set from the request. I'm not sure what that wouldn't be working. Maybe try turning off session_use_only_cookies ?

SilverStripe tips, tutorials, screencasts and more:


Community Member, 37 Posts

9 December 2010 at 8:45am

That doesn't fix it for me.

I am affraid that a new version of swfobject is needed. The flash doesn't handle the session right.


Forum Moderator, 4102 Posts

9 December 2010 at 9:47am

It doesn't need to handle the session. It passes the session ID as a request parameter, and the server should grab that and set the session ID from that value.

Did upgrading SWFObject fix the problem?

SilverStripe tips, tutorials, screencasts and more:


Community Member, 37 Posts

9 December 2010 at 9:52am

But how can it be that I am redirected to /Security/login?BackURL....?

Didn't try upgrading SWFObject (yet)...mainly because reading on the SWFObject I don't see any solutions for this problem.