[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

[CakePHP2.x] Problem when using Security component [black-holed]

This is Hase from the development team.

When I was using the Security component to implement a login function with CakePHP, a
mysterious error like this occurred.

The request has been black-holed

A black hole? What is this? .
This especially occurs when you click "back" on your browser after submitting a form and then submit it again. . .

I didn't know what this error was, so
I decided to look into how to solve it.

Allow Post and Ajax

Since almost all errors were occurring on the form screen,
I changed the beforeFilter to allow Post and Ajax.

app/Controller/AppController.php

public function beforeFilter() { $this->Security->validatePost = false; $this->Security->csrfCheck = false; ... // ~Some processing~ }

I checked, hoping that the error would no longer occur
, but the same error occurred.
The investigation begins again.

Fixed overriding

that by allowing Post and Ajax in the beforeFilter of
AppController.php the Controller overrides the beforeFilter and
no longer allows communication.

So, I fixed the Controller that caused the black-hole error.
Add parent::beforeFilter(); to beforefilter

app/Controller/UserController.php

public function beforeFilter() { parent::beforeFilter(); // ~Some processing~ }

I thought the error had gone away,
so I checked, but the same error occurred again. .

Handling black hole callbacks

I've come this far, but the official website has instructions on how to deal with it. .

When restricted by the Security component, by default the request will be discarded with a 400 error as a malformed request.
You can change this behavior by setting the callback function in your controller to $this->Security->blackHoleCallback.

In other words, clicking "Back" on the browser after submitting the form and submitting it again is an
invalid request, which
means that a 400 error was returned and a black-held error occurred.

I should have looked at the official website from the beginning. .

So, modify the beforefilter of the Controller where the black-hole error occurs as follows.

public function beforeFilter() { parent::beforeFilter(); $this->Security->blackHoleCallback = 'blackhole'; $this->Security->validatePost = false; $this->Security->csrfCheck = false; // ~Some kind of processing~ } // Pass through the black hole public function blackhole($type) { }

Now I no longer get black-holed errors! !
I'm relieved. .

reference

https://book.cakephp.org/2.0/ja/core-libraries/components/security-component.html
http://www.aipacommander.com/entry/2015/04/27/180000

If you found this article helpful , please give it a like!
2
Loading...
2 votes, average: 1.00 / 12
6,938
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author

Tatsuya Hase

Joined Beyond Co., Ltd. as a new graduate.

We develop web systems (development of services and systems that run on browsers, such as web services, digital content, and business management systems) and game APIs (development of programs that communicate with application games).

We also develop private/custom apps for Shopify.

Originally worked at the Osaka office, but transferred to the Yokohama office in 2019.
His hobbies are baseball/karaoke/anime