[CakePHP2.x] Problem when using Security component [black-holed]
This is Hase from the development team.
When I was using the Security component to implement a login function with CakePHP, a
mysterious error like this occurred.
The request has been black-holed
A black hole? What is this? .
This especially occurs when you click "back" on your browser after submitting a form and then submit it again. . .
I didn't know what this error was, so
I decided to look into how to solve it.
Allow Post and Ajax
Since almost all errors were occurring on the form screen,
I changed the beforeFilter to allow Post and Ajax.
app/Controller/AppController.php
public function beforeFilter() { $this->Security->validatePost = false; $this->Security->csrfCheck = false; ... // ~Some processing~ }
I checked, hoping that the error would no longer occur
, but the same error occurred.
The investigation begins again.
Fixed overriding
that by allowing Post and Ajax in the beforeFilter of
AppController.php the Controller overrides the beforeFilter and
no longer allows communication.
So, I fixed the Controller that caused the black-hole error.
Add parent::beforeFilter(); to beforefilter
app/Controller/UserController.php
public function beforeFilter() { parent::beforeFilter(); // ~Some processing~ }
I thought the error had gone away,
so I checked, but the same error occurred again. .
Handling black hole callbacks
I've come this far, but the official website has instructions on how to deal with it. .
When restricted by the Security component, by default the request will be discarded with a 400 error as a malformed request.
You can change this behavior by setting the callback function in your controller to $this->Security->blackHoleCallback.
In other words, clicking "Back" on the browser after submitting the form and submitting it again is an
invalid request, which
means that a 400 error was returned and a black-held error occurred.
I should have looked at the official website from the beginning. .
So, modify the beforefilter of the Controller where the black-hole error occurs as follows.
public function beforeFilter() { parent::beforeFilter(); $this->Security->blackHoleCallback = 'blackhole'; $this->Security->validatePost = false; $this->Security->csrfCheck = false; // ~Some kind of processing~ } // Pass through the black hole public function blackhole($type) { }
Now I no longer get black-holed errors! !
I'm relieved. .
reference
https://book.cakephp.org/2.0/ja/core-libraries/components/security-component.html
http://www.aipacommander.com/entry/2015/04/27/180000