Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

Installing SilverStripe /

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Html Code showing up as text


Go to End


5 Posts   1142 Views

Avatar
2fik

Community Member, 4 Posts

3 January 2014 at 7:44am

Edited: 03/01/2014 7:46am

Hello,
I installed Silverstripe 3.1.2 and after I added a code in .htaccess file because was empty after installation and All works fine only when I go to MySite/Security/ I see html code as text.

My htaccess file is:

### SILVERSTRIPE START ###
<Files *.ss>
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1
</Files>

<Files web.config>
        Order deny,allow
        Deny from all
</Files>

# This denies access to all yml files, since developers might include sensitive
# information in them. See the docs for work-arounds to serve some yaml files
<Files *.yml>
        Order allow,deny
        Deny from all
</Files>

ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html

<IfModule mod_rewrite.c>
       SetEnv HTTP_MOD_REWRITE On
       Options +FollowSymLinks
       RewriteEngine On
       RewriteBase '/'

       RewriteRule ^vendor(/|$) - [F,L,NC]
       RewriteRule silverstripe-cache(/|$) - [F,L,NC]
       RewriteRule composer\.(json|lock) - [F,L,NC]
       RewriteRule ^logout/?$ Security/logout [NC,L]
       RewriteRule ^login/?$ Security/login [NC,L]


       RewriteCond %{REQUEST_URI} ^(.*)$
       RewriteCond %{REQUEST_FILENAME} !-f
       RewriteCond %{REQUEST_URI} !\.php$
       RewriteRule .* framework/main.php?url=%1&%{QUERY_STRING} [L]
</IfModule>
### SILVERSTRIPE END ###

and the html what I see is my default home page.

Avatar
2fik

Community Member, 4 Posts

5 January 2014 at 5:05am

Hi,
I reinstalled my Site and the same problem look at the site :
http://cheraga.net/Security/

is there any solution?

Thanks.

Avatar
martimiz

Forum Moderator, 1391 Posts

5 January 2014 at 6:29am

If .htaccess is made writable before installing SilverStripe it shouldn't be empty after a proper installation... But to make sure I tested with your htaccess and couldn't reproduce your problem.

Yoursite/Security isn't a 'valid' url, it expects either login or logout to be added. So if you go there anyway, the Security class calls its httpError('404') function. This would normally result in just a plain white page, but in your case it displays the raw HTML of the 404 error page instead.

Looking at the SilverStripe code, this seems strange behaviour. Did you install a clean version of silverstripe 3.1.2, without any extra modules or custom code changes?

Avatar
2fik

Community Member, 4 Posts

5 January 2014 at 6:57am

Hi,
yes I installed a clean version of silverstripe 3.1.2 without module and the problem is the same on my local machine (Mac os 10.9.1) and I didn't upload installed files from my local machine to my server but i make a clean install.

Thanks.

Avatar
2fik

Community Member, 4 Posts

6 January 2014 at 10:34am

Hi,
I found that action index after Security (/Security/index) invoke SS_HTTPResponse_Exception look in file RequestHandler.php

catch (SS_HTTPResponse_Exception $e) {
	return $e->getResponse(); 
}

but I don’t know why it returns $e->getResponce and not httpError..

I change a code in the file HTTPResponse.php from

$response->addHeader('Content-Type', 'text/plaintext');
to
if($body == "" AND $statusDescription == ""){
$response->addHeader('Content-Type', 'text/html; charset=utf-8');
}else{
// Error responses should always be considered plaintext, for security reasons
$response->addHeader('Content-Type', 'text/plaintext');
}
and now work without problem.
But I think is better when we change $e->getResponse() to HttpError or is there another solution?