-
- 34 Posts
I’ve installed modx 1.0.0 for a client and everything appears to be working fine except that he is unable to save templates. It makes no difference whether it is an existing template or a new one, clicking on the save button results in a server Error 400: Bad Request message being displayed in the right hand frame. There is no problem creating or editing Template Variables, Chunks, Snippets or Plugins. The 400 error occurs only with templates. I’m stumped. Any suggestions as to what might cause this?
MODx version: 1.0.0
Database Version: 5.0.67-log
PHP Version: 5.2.6
-
- 2,877 Posts
-
- 2,877 Posts
Try this
<IfModule mod_security.c>
SecFilterEngine On
SecFilterSelective "REQUEST_URI" "http://domain.com/manager/index.php" "allow,nolog"
</IfModule>
But also check to see if it’s only in Opera this happens.
-
- 2,877 Posts
That is really weird!
I have no idea, hopefully someone else have.
Change the name of "ht.access" to ".htaccess". If the changed spacing is working for you please watch it and see if it all continues to work ... very interesting!
Ryan Thrash, MODX Co-Founder
Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me
-
- 34 Posts
Stupid of me. I looked at the ht.access file several times and didn’t click that it wasn’t .htaccess. Renamed it, and tested with the default SecFilterEngine Off and with the alternative SecFilterEngine On setting as above. Either way I still get the 400 error unless I add a space in the html and meta tags. No other tags seem to be affected.
Once I added the spaces to the affected tags in the MODxHost Template, I was able to save it. Likewise, once I added the spaces I was able to save the custom template I am building. Unfortunately, the page will not validate with the spaces in the tags. Of course once, the spaces have been added, it’s not possible to remove them.
Actually, it would be a trivial plugin to do that. Just have
$modx->documentOutput = str_replace('< html', '<html', $modx->documentOutput);
and repeat the line for the other tags as required. It wouldn’t be a good idea to just use one line to replace any < followed by a space, since those are often used as arrows or for other purposes in the content (although those really should be expressed by their htmlentities, such as >).
You could just use one line if you wanted to use a regular expression replacement, but those give me a headache.
That’s going to break validation on those pages and probably will cause problems. Safest bet is to consult with your webhost to disable mod_security for the manager.
Ryan Thrash, MODX Co-Founder
Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me