Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Routing in 1.5.4 breaks my apps
Routing in 1.5.4 breaks my apps
  • El Forum
    Guest
  •  
#1
09-12-2007, 10:39 AM

[eluser]Michael Ekoka[/eluser]
I just updated my copy of CI from 1.5.3 to 1.5.4 and the routing breaks my application with the following error:

The URI you submitted has disallowed characters.

I replaced the current Router.php file with my old one and it works. Could anyone tell me what was changed in the two files?

Thanks.

Mike
  • El Forum
    Guest
  •  
#2
09-12-2007, 10:48 AM

[eluser]Michael Wales[/eluser]
In config.php
Code:
/*
|--------------------------------------------------------------------------
| Allowed URL Characters
|--------------------------------------------------------------------------
|
| This lets you specify which characters are permitted within your URLs.
| When someone tries to submit a URL with disallowed characters they will
| get a warning message.
|
| As a security measure you are STRONGLY encouraged to restrict URLs to
| as few characters as possible.  By default only these are allowed: a-z 0-9~%.:_-
|
| Leave blank to allow all characters -- but only if you are insane.
|
| DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!!
|
*/
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_-';

Note: This is the default setting from that file - you will need to modify for your own needs.
  • El Forum
    Guest
  •  
#3
09-12-2007, 11:24 AM

[eluser]coolfactor[/eluser]
What are some of the uri's that are breaking in your apps. Please give examples.
  • El Forum
    Guest
  •  
#4
09-12-2007, 12:53 PM

[eluser]Michael Ekoka[/eluser]
Thanks walesmd and coolfactor for responding. To answer your question, coolfactor, the problem was specific to the index urls of the application, more precisely the ones of the form:

http://host/my_app_home
http://host/my_app_home/

any other urls was working, i.e:

http://host/my_app_home/index.php
http://host/my_app_home/controller_x
http://host/my_app_home/controller_x/action_y
etc.

I was able to fix my problem without changing the CI installation by modifying my .htaccess file from:
Quote:<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond $1 !^(index\.php|images|robots\.txt|public/*)
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

to

Quote:<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond $1 !^(index\.php|images|robots\.txt|public/*)
RewriteRule ^(.*)$ index.php$1 [L]
</IfModule>


Now, after inspecting the code, I found out why it used to work in v.1.5.3 and not in 1.5.4. There have been some modifications to the whole url sanitization process. The old Router.php class had a little routine that would remove the trailing slash in an empty url at around line 95-99

Code:
// If the URI contains only a slash we'll kill it
        if ($this->uri_string == '/')
        {
            $this->uri_string = '';
        }

In 1.5.4, that routine has been moved to the URI class in the _fetch_uri_string() method, but that method more than likely returns before the check can be performed. As a result, if there's a trailing slash in the url, at some point in the process there will be an attempt to match the empty string to the list of permitted characters (see _explode_segments() and _filter_uri() methods in URI.php v.1.5.4, lines 225 & 188). That's where the error comes from.

I would suggest to reinsert the check for the trailing slash into the process at some point. This is probably a trivial change.
  • El Forum
    Guest
  •  
#5
09-18-2007, 09:59 PM

[eluser]Michael Ekoka[/eluser]
First my apologies guys: I just downloaded the stable version of CI and realized that the code that had previously been breaking my applications is only in the svn repository.

UPDATE: changing my mod_rewrite like described earlier only fixed the problem for the index url, but created another for the rest of the site. So I reverted back to my original mod_rewrite script (which btw works fine in stable 1.5.4).


Now, to the development team, with some luck they might read it:

- in the URI.php file currently in the repository, between line 119 and 223, you have this little check that almost never gets a chance to run, because the _fetch_uri_string() method will more than likely return before it. This creates the problem that I described in my original post.

Code:
// If the URI contains only a slash we'll kill it

        if ($this->uri_string == '/')

        {

            $this->uri_string = '';

        }

Thank you for your time.




Theme © iAndrew 2016 - Forum software by © MyBB