Infinity Loop URL

Question

Infinity Loop URL

Xerton Oct '14

Created Oct '14	Last Reply Oct '14	Replies 2	Views 847	Votes 0

Xerton 7.1k

Oct '14

Hi all,

I have some troubles with urls when I try some tests with it, for example IndexController => indexAction:

There is a infinity loop when I type : domain.localhost/index/index/index/index/index/.... it's working
With this url, it works to : domain.localhost/qsdqsd.qsdqsd_qsdqsd.qsdqsd ndsazl

$di->set('url', function() use ($baseUrl) {
    $url = new \Phalcon\Mvc\Url();
    $url->setBaseUri($baseUrl);
    return $url;
});

$di->set('dispatcher', function() use ($di) {

    $dispatcher = new \Phalcon\Mvc\Dispatcher();
    $dispatcher->setDefaultNamespace('App\Controllers');

    $evManager = $di->getShared('eventsManager');
    $evManager->attach("dispatch:beforeException", function($event, $dispatcher, $exception) use ($di) {

    //if (ENVIRONMENT != 'development') {
        switch ($exception->getCode()) {
            case \Phalcon\Dispatcher::EXCEPTION_HANDLER_NOT_FOUND:
            case \Phalcon\Dispatcher::EXCEPTION_ACTION_NOT_FOUND:
                $dispatcher->forward(
                    array(
                        'controller' => 'errors',
                        'action'     => 'show404',
                        )
                    );

                    return FALSE;
                    break;
            default:
                $dispatcher->forward(
                    array(
                        'controller' => 'errors',
                        'action' => 'uncaughtException',
                    )
                );
                return FALSE;
                break; // for checkstyle
        }
     //}
 });

   $dispatcher->setEventsManager($evManager);
   return $dispatcher;

}, true);

$di->set('router', function() {

    // Init router
    $router = new \Phalcon\Mvc\Router();

    // Use $_SERVER['REQUEST_URI'] (NGINX)
    if (!isset($_GET['_url']))
    {
       $router->setUriSource(\Phalcon\Mvc\Router::URI_SOURCE_SERVER_REQUEST_URI);
    }

    $router->removeExtraSlashes(true);

    // Fetch routes from user
    include (APP_DIR . '/config/routes.php');

    // Inject
    return $router;

});

Thx for your help

Xerton
7.1k

Accepted
answer

Oct '14

Ok, I keeped my dispatcher handler but I modified router by adding 'notFound'.

$di->set('router', function() {
    $router = new \Phalcon\Mvc\Router(false);

    if (!isset($_GET['_url']))
    {
       $router->setUriSource(\Phalcon\Mvc\Router::URI_SOURCE_SERVER_REQUEST_URI);
    }

    $router->notFound(
        array(
            "controller" => "errors",
            "action" => "show404",
        )
    );
    $router->removeExtraSlashes(true);    
    require(APP_DIR . '/config/routes.php');

    // Inject
    return $router;
});

And then define routes for example :

$router->addGet('/', 'index::index');

because domain.local/index/index will return 404.

Phalcon · Answer 1 · 2014-10-20T06:44:32-07:00

Note that $dispatcher->forward() does not change the URL so it's not likely that is the cause of the infinite redirection. Can you find if a redirect is beign made somewhere in your app?

Xerton · Answer 2 · 2014-10-20T08:15:59-07:00

I have some "redirect" in my ControllerBase :

public function beforeExecuteRoute(Dispatcher $dispatcher)
    {
        $controllerName = $dispatcher->getControllerName();  
        $identity = $this->auth->getIdentity();

        if (empty($moduleName))
        {
            if ($this->acl->isPrivate($controllerName)) 
            {
                if (!is_array($identity)) {                
                    return $this->response->redirect("login");
                }  

                $actionName = $dispatcher->getActionName();

                if (!$this->acl->isAllowed($identity['role'], $controllerName, $actionName)) {

                    $this->flash->notice('You don\'t have access to this module: ' . $controllerName . ':' . $actionName);                
                    return $this->response->redirect("login");
                }

            }
        } else {
            if ($this->aclModule->isPrivate($controllerName))
            {
                if (!is_array($identity)) {
                    return $this->response->redirect("login");
                }

                $actionName = $dispatcher->getActionName();

                if (!$this->aclModule->isAllowed($identity['role'], $controllerName, $actionName)) {

                    $this->flash->notice('You don\'t have access to this module: ' . $controllerName . ':' . $actionName);
                    return $this->response->redirect("login");
                }
            }
        }

    }

I have this architecture : app

-> controller

-> models

-> views

-> modules

but it's weird https://domain.localhost/2 => 404 OK

https://domain.localhost/index/2 => 404 OK

https://domain.localhost/index/index/2 => display template (no error)

https://domain.localhost/index/index/index/index/index/index/index/index/index/2 => display template (no error)

Phalcon · Answer 3 · 2014-10-20T17:59:59-07:00

I think that the not found redirects to the same not found handler, do you have a whitelist of controllers that can be accessed without authorization?

Xerton · Answer 4 · 2014-10-21T00:51:11-07:00

Yes, I have a resources whitelist.

But I try to disable 'beforeExecuteRoute' in my ControllerBase, it meens not ACL and no Authentication.

The problem occurred when there is special chars in _url like dot, comma, space,etc.....

Maybe it's an HTTP Server configuration ?