Bug #84098
closed
403 forbidden error on trying to access 404 page
100%
Description
I have a system with the following pagenotfound configurations.
'pageNotFoundOnCHashError' => '0',
'pageNotFound_handling' => '/404',
'pageNotFound_handling_statheader' => 'HTTP/1.0 404 Not Found',
But on having an invalid url ,it fails to redirect to the 404 error page and instead throws the following exception.
Uncaught TYPO3 Exception
#1509296606: Failed to fetch error page "https://example.dev/404", reason: Client error: `GET http://example.dev/404` resulted in a `403 Forbidden` response: <!DOCTYPE html> <html lang="fr"> <head> <meta charset="utf-8"> <!-- This website is powered by TYPO3 - inspiring people (truncated...) (More information)
RuntimeException thrown in file
/var/www/example/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php in line 2053.
17 TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController::pageErrorHandler("http://example.dev/404", "HTTP/1.0 404 Not Found", "Segment "testurl" was not a keyword for a postVarSet as expected on page with id=4.").
On debugging i found that there is a report generation for http requests from typo3 8.7.9 onwards which the following line of code(/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php) indicates.
$report = [];
$res = GeneralUtility::getUrl($code, 1, $headerArr, $report);
if ((int)$report['error'] !== 0 && (int)$report['error'] !== 200) {
throw new \RuntimeException('Failed to fetch error page "' . $code . '", reason: ' . $report['message'], 1509296606);
}
on commenting out statements inside the 'if' condition, everything works fine.I wonder if there is any need for these additional line of code(which wasn't there in Typo3 8.7.8) as it directly throwing out an exception instead of writing it into a log.
Can you guys give any further insight on this?.Thanks in advance.
Updated by Stephan Großberndt about 6 years ago
- Due date deleted (
2018-03-07) - Category changed from Frontend to Link Handling, Site Handling & Routing
- Status changed from New to Needs Feedback
- Target version deleted (
Candidate for patchlevel) - Start date deleted (
2018-03-01) - Complexity deleted (
medium)
With the error message "Segment "testurl" was not a keyword for a postVarSet as expected on page with id=4." this is likely a configuration problem in EXT:realurl, not in the TYPO3 core.
Is there an accessible HTML file named "404" in the webroot?
Updated by Ricky Mathew about 6 years ago
Stephan Großberndt wrote:
With the error message "Segment "testurl" was not a keyword for a postVarSet as expected on page with id=4." this is likely a configuration problem in EXT:realurl, not in the TYPO3 core.
Is there an accessible HTML file named "404" in the webroot?
There is no such configuration problem in realurl. There is page named 404 in webroot. And this works fine with Typo3 8.7.8.The problem is with typo3 8.7.9 onwards.
Updated by Ricky Mathew about 6 years ago
- Status changed from Needs Feedback to New
Updated by Tymoteusz Motylewski about 6 years ago
can you please check if the issue still exists in v8.7.12 ?
AFAIK there were some changes in the getURL method in the last releases.
Updated by Tymoteusz Motylewski about 6 years ago
- Has duplicate Bug #84548: error when installing a 404 error page added
Updated by Markus Dübbert almost 6 years ago
this still exists in 8.7.12
#1509296606: Failed to fetch error page "http://server.de/404", reason: Client error: `GET http://server.de/404` resulted in a `401 Unauthorized` response: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Unauthorized</title> </head><body> <h1>Unauth (truncated...) (More information)
RuntimeException thrown in file
/var/www/adfc/vendor/typo3/cms/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php in line 2053.
Updated by André Stafast almost 6 years ago
Markus Dübbert wrote:
this still exists in 8.7.12
In v8.7.13 too (same error message)
Updated by Toni Weiler almost 6 years ago
I get the same error in version 8.7.16 but with an '503 Service unavailable' error instead of 403.
Uncaught TYPO3 Exception: #1509296606: Failed to fetch error page "https://www.domain.com/404/", reason: Server error: `GET https://www.domain.com/404/` resulted in a `503 Service unavailable` response
The error occurs only a few times a day, and I'm not able to reproduce it when I open the Requested URL: https://www.domain.com/apple_touch_icon.png in the browser.
Updated by Markus Klein almost 6 years ago
- Status changed from New to Needs Feedback
Please every reporter clarify:
- What is your pageNotFound_handling value?
- What is the resource you are referring to with the above setting? A static HTML file or a TYPO3 page again?
Updated by André Stafast almost 6 years ago
Markus Klein wrote:
- What is your
pageNotFound_handlingvalue?
[FE][pageNotFound_handling] = index.php?id=503
I also tested with backslash „/index.php?id=503“
- What is the resource you are referring to with the above setting? A static HTML file or a TYPO3 page again?
A regular TYPO3 page
Updated by Ricky Mathew almost 6 years ago
Markus Klein wrote:
Please every reporter clarify:
- What is your
pageNotFound_handlingvalue?
USER_FUNCTION:typo3conf/pageNotFoundHandling.php:user_pageNotFound->pageNotFound
- What is the resource you are referring to with the above setting? A static HTML file or a TYPO3 page again?
user function is as follows :
class user_pageNotFound {
function pageNotFound($params,$tsfeObj) {
$url = \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL').'index.php?id='.$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['realurl'][\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('HTTP_HOST')]['pagePath']['error404_id'];
$_buffer = \TYPO3\CMS\Core\Utility\GeneralUtility::getUrl($url);
echo $_buffer;
}
}
Updated by Robert Hafenried over 5 years ago
TYPO3 8.7.17
[FE][pageNotFound_handling] = 404.html
[FE][pageNotFoundOnCHashError] = true
[FE][pageNotFound_handling_statheader] = HTTP/1.0 404 Not Found
I get the error only when I try to use the crawler extension for indexing my pages. In all other cases the error page is found without any problems.
Core: Exception handler (WEB): Uncaught TYPO3 Exception: #1509296606: Failed to fetch error page "https://www.mydomain.org/typo3/404.html", reason: Client error: `GET https://www.mydomain.org/typo3/404.html` resulted in a `404 Not Found` response: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text (truncated...) | RuntimeException thrown in file /html/typo3/typo3_src-8.7.17/typo3/sysext/frontend/Classes/Controller/TypoScriptFrontendController.php in line 2054. Requested URL: https://www.mydomain.org/typo3/index.php?M=web_info&moduleToken=--AnonymizedToken--&qid_read=14588&setID=0&id=1
Updated by Riccardo De Contardi over 5 years ago
- Status changed from Needs Feedback to New
Updated by Susanne Moog over 5 years ago
- Sprint Focus set to On Location Sprint
Updated by Joerg Kummer over 5 years ago
I can not reproduce this behavior with 8.7.8, 8.7.12 and 8.7.21-dev (introduction package, realurl 2.4.0).
It seems, that the URL of the error page itself produces these different errors, we find in list here:
- 403 Forbidden (Ricky Mathew)
- 401 Unauthorized (Markus Dübbert)
- 503 Service unavailable (Toni Weiler)
- 404 Not Found (Robert Hafenried) where probably '/typo3/' is wrong path segment
Can you check your pageNotFound url-path's, as written in the error message, request them and ensure it returns HTTP Status 200 OK?
Maybe request them different ways (browser, console, ...)
Updated by Markus Klein over 5 years ago
- Status changed from New to Needs Feedback
Updated by Stefanos Karasavvidis over 5 years ago
I can't reproduce this but I may have an idea on when it happens:
as I understand, TYPO3 makes a request of it own to the server to retrieve the content of the error page, and then dumps this content back to the originating user request.
If the server contains a security module for filtering malicious requests (e.g. mod_security), the requests from the TYPO3 may be recognized as malicious. mod_security in these cases returns a 401. This should be logged to the web server's error_log though.
So may I ask the reporters if they have this kind of module installed or whether they checked the error_log of their web server?
Updated by Markus Klösges over 4 years ago
To give another option for this error:
When the installation is guarded behind a .htaccess authentification, the sub-request will not include the necessary authentication information and therefore lead to a 401 when fetching error messages.
I don't have a solution or workaround, but maybe that information helps someone coming here through google like i was.
Updated by Susanne Moog over 4 years ago
- Sprint Focus deleted (
On Location Sprint)
Updated by Gerrit Code Review over 3 years ago
- Status changed from Needs Feedback to Under Review
Patch set 15 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/58829
Updated by Gerrit Code Review over 3 years ago
Patch set 16 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/58829
Updated by Gerrit Code Review over 3 years ago
Patch set 17 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/58829
Updated by Gerrit Code Review over 3 years ago
Patch set 18 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/58829
Updated by Gerrit Code Review over 3 years ago
Patch set 1 for branch 10.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/65815
Updated by Oliver Hader over 3 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 14c742b79b767d99d31fde70112048c7b38c06a3.
Updated by Gerrit Code Review over 3 years ago
- Status changed from Closed to Under Review
Patch set 1 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/66906
Updated by Gerrit Code Review over 3 years ago
Patch set 2 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/66906
Updated by Gerrit Code Review over 3 years ago
Patch set 3 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/66906
Updated by Gerrit Code Review over 3 years ago
Patch set 4 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/66906
Updated by Gerrit Code Review about 3 years ago
Patch set 5 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/66906
Updated by Benni Mack over 2 years ago
- Status changed from Under Review to Closed