Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-27791

User hash lookup request returns 404 when using Map/URI siteaccess matcher

    Details

      Description

      The HTTP Cache, when turned on, uses the following URL for internal hash lookup request: /_fos_user_context_hash. In a case when the main request has the siteaccess that was matched using the Map/URI Matcher, first few characters (as many as the Matcher key has, e.g. "pol" => 3 characters) are removed from the beginning of the internal request URL, resulting in invalid URL (e.g. "s_user_context_hash"). This shorter, invalid URL is not matched against any route for obvious reasons and is returning a 404 response.

      Steps to reproduce

      1. Create new eZ Platform installation.
      2. Log in to the PlatformUI. Go to "Admin panel"/"Languages". Create new language there (e.g. "pol-PL").
      3. In the PlatformUI, go to "Content"/"Content structure". There, translate the "eZ Platform" folder to the other language.
      4. In the file app/config/ezplatform.yml, change the siteaccess configuration to this (example for "pol_PL" language):

        ezpublish:
            # Repositories configuration, setup default repository to support solr if enabled
            repositories:
                default:
                    storage: ~
                    search:
                        engine: "%search_engine%"
                        connection: default
         
            # Siteaccess configuration, with one siteaccess per default
            siteaccess:
                list: [site, site_pol]
                groups:
                    site_group: [site, site_pol]
                default_siteaccess: site
                match:
                    Map\URI:
                        pol: site_pol
         
            # System settings, grouped by siteaccess and/or siteaccess group
            system:
                site_group:
                    # Pool to use for cache, needs to be different per repository (database).
                    cache_pool_name: '%cache_pool%'
                    # These reflect the current installers, complete installation before you change them. For changing var_dir
                    # it is recommended to install clean, then change setting before you start adding binary content, otherwise you'll
                    # need to manually modify your database data to reflect this to avoid exceptions.
                    var_dir: var/site
                    # System languages. Note that by default, content, content types, and other data are in eng-GB locale,
                    # so removing eng-GB from this list may lead to errors or content not being shown, unless you change
                    # all eng-GB data to other locales first.
                    # HttpCache purge server(s) setting, eg Varnish, for when ezpublish.http_cache.purge_type is set to 'http'.
                    http_cache:
                        purge_servers: ["%purge_server%"]
                site:
                    languages: [eng-GB]
                site_pol:
                    languages: [pol-PL]
        

      5. In the file app/config/config_prod.yml, change the action_level key from critical to error.
      6. In the PlatformUI, go to "Admin panel"/"Roles"/"Anonymous". Edit user/login/siteaccess Limitation there and add the second siteaccess to it.
      7. Clean your cookies (or use incognito mode) and go to "your-site.prod/pol" URL (example for configuration above). Make sure to use the production environment for this request. After accessing it, you will see the following in your production logs:

        [2017-08-22 09:04:36] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was not able to match, message "" [] []
        [2017-08-22 09:04:36] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\UrlAliasRouter was not able to match, message "Could not find 'URLAlias' with identifier 's_user_context_hash'" [] []
        [2017-08-22 09:04:36] request.ERROR: Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\NotFoundHttpException: "No route found for "GET /_fos_user_context_hash"" at C:\Apache24\htdocs\ezplatform\vendor\symfony\symfony\src\Symfony\Component\HttpKernel\EventListener\RouterListener.php line 176 {"exception":"[object] (Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException(code: 0): No route found for \"GET /_fos_user_context_hash\" at C:\\Apache24\\htdocs\\ezplatform\\vendor\\symfony\\symfony\\src\\Symfony\\Component\\HttpKernel\\EventListener\\RouterListener.php:176, Symfony\\Component\\Routing\\Exception\\ResourceNotFoundException(code: 0): None of the routers in the chain matched this request\nGET /_fos_user_context_hash HTTP/1.1\r\nAccept:                    application/vnd.fos.user-context-hash\r\nAccept-Charset:            ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nAccept-Encoding:           gzip, deflate\r\nAccept-Language:           pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4,fr;q=0.2,ru;q=0.2\r\nAuthorization:             \r\nConnection:                close\r\nHost:                      ezplatform.prod\r\nSurrogate-Capability:      symfony2=\"ESI/1.0\"\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent:                Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.101 Safari/537.36\r\nX-Forwarded-For:           127.0.0.1\r\nX-Php-Ob-Level:            1\r\n\r\n at C:\\Apache24\\htdocs\\ezplatform\\vendor\\symfony-cmf\\routing\\ChainRouter.php:207)"} []
        [2017-08-22 09:04:36] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was not able to match, message "" [] []
        [2017-08-22 09:04:36] app.INFO: UrlAlias matched location #2. Forwarding to ViewController [] []
        [2017-08-22 09:04:36] request.INFO: Matched route "ez_urlalias". {"route_parameters":{"_route":"ez_urlalias","_controller":"ez_content:viewAction","contentId":1,"locationId":"2","viewType":"full","layout":true},"request_uri":"http://ezplatform.prod/pol"} []
        [2017-08-22 09:04:36] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
        [2017-08-22 09:04:36] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was unable to generate route. Reason: 'Route 'ez_urlalias' not found': Unable to generate a URL for the named route "ez_urlalias" as such route does not exist. [] []
        

      Side note: it is possible that other Siteaccess Matchers are also causing this behaviour, but in another manner. The solution should ideally solve the problem for all of them.

      1. EZP-27791_6.11.0.patch
        0.7 kB
        Michał Szołtysek
      2. ezp-27791.patch
        1 kB
        Michał Szołtysek

        Issue Links

          Activity

          Hide
          Bertrand Dunogier added a comment -

          Well, the hash will differ per repository (as it is based on permissions), and therefore may differ per siteaccess. That should be a problem.

          Show
          Bertrand Dunogier added a comment - Well, the hash will differ per repository (as it is based on permissions), and therefore may differ per siteaccess. That should be a problem.
          Hide
          Adam Wójs added a comment -
          Show
          Adam Wójs added a comment - PR for ezpublish-kernel: https://github.com/ezsystems/ezpublish-kernel/pull/2096
          Hide
          Adam Wójs added a comment -
          Show
          Adam Wójs added a comment - PR for documentation: https://github.com/ezsystems/developer-documentation/pull/63
          Show
          André Rømcke added a comment - Merged: https://github.com/ezsystems/ezpublish-kernel/commit/16b4edae68e0d10d6682a430b8a4e28a9ac4f8f5
          Hide
          Michał Szołtysek added a comment -

          QA Approved with eZ Platform v1.7.5 & v1.11.0.3 with two versions of patch.

          Show
          Michał Szołtysek added a comment - QA Approved with eZ Platform v1.7.5 & v1.11.0.3 with two versions of patch.
          Hide
          Marek Nocoń added a comment -

          I've installed v1.12.0-rc1 and went through this steps again for the certification phase. I've still received following log entries:

          [2017-10-27 12:27:58] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was not able to match, message "" [] []
          [2017-10-27 12:27:58] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\UrlAliasRouter was not able to match, message "Could not find 'UrlAlias' with identifier 's_user_context_hash'" [] []
          [2017-10-27 12:27:58] request.ERROR: Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\NotFoundHttpException: "No route found for "GET /_fos_user_context_hash"" at /Users/mnocon/Desktop/platform_clean/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/EventListener/RouterListener.php line 174 {"exception":"[object] (Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException(code: 0): No route found for \"GET /_fos_user_context_hash\" at /Users/mnocon/Desktop/platform_clean/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/EventListener/RouterListener.php:174, Symfony\\Component\\Routing\\Exception\\ResourceNotFoundException(code: 0): None of the routers in the chain matched this request\nGET /_fos_user_context_hash HTTP/1.1\r\nAccept:                    application/vnd.fos.user-context-hash\r\nAccept-Charset:            ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nAccept-Encoding:           gzip, deflate\r\nAccept-Language:           en,fr-FR;q=0.9,fr;q=0.8,en-GB;q=0.7,en-US;q=0.6\r\nAuthorization:             \r\nCache-Control:             max-age=0\r\nConnection:                keep-alive\r\nHost:                      pc.local\r\nSurrogate-Capability:      symfony2=\"ESI/1.0\"\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent:                Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36\r\nX-Forwarded-For:           127.0.0.1\r\nX-Php-Ob-Level:            1\r\n\r\n at /Users/mnocon/Desktop/platform_clean/vendor/symfony-cmf/routing/ChainRouter.php:207)"} []
          [2017-10-27 12:27:59] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was not able to match, message "" [] []
          [2017-10-27 12:27:59] app.INFO: UrlAlias matched location #2. Forwarding to ViewController [] []
          [2017-10-27 12:27:59] request.INFO: Matched route "ez_urlalias". {"route_parameters":{"_route":"ez_urlalias","_controller":"ez_content:viewAction","contentId":1,"locationId":"2","viewType":"full","layout":true},"request_uri":"http://pc.local/pol"} []
          [2017-10-27 12:27:59] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
          [2017-10-27 12:27:59] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was unable to generate route. Reason: 'Route 'ez_urlalias' not found': Unable to generate a URL for the named route "ez_urlalias" as such route does not exist. [] []
          

          I've went though the steps as specified (with additional cache clears here and there), the ezplatform.yml file was copied from the description as well.
          I've talked with Michał Szołtysek and it appears the same issue is still present in 1.7.6-rc1 too, Adam Wójs could you have a look if everything is ok here?

          Show
          Marek Nocoń added a comment - I've installed v1.12.0-rc1 and went through this steps again for the certification phase. I've still received following log entries: [2017-10-27 12:27:58] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was not able to match, message "" [] [] [2017-10-27 12:27:58] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\UrlAliasRouter was not able to match, message "Could not find 'UrlAlias' with identifier 's_user_context_hash'" [] [] [2017-10-27 12:27:58] request.ERROR: Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\NotFoundHttpException: "No route found for "GET /_fos_user_context_hash"" at /Users/mnocon/Desktop/platform_clean/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/EventListener/RouterListener.php line 174 {"exception":"[object] (Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException(code: 0): No route found for \"GET /_fos_user_context_hash\" at /Users/mnocon/Desktop/platform_clean/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/EventListener/RouterListener.php:174, Symfony\\Component\\Routing\\Exception\\ResourceNotFoundException(code: 0): None of the routers in the chain matched this request\nGET /_fos_user_context_hash HTTP/1.1\r\nAccept: application/vnd.fos.user-context-hash\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en,fr-FR;q=0.9,fr;q=0.8,en-GB;q=0.7,en-US;q=0.6\r\nAuthorization: \r\nCache-Control: max-age=0\r\nConnection: keep-alive\r\nHost: pc.local\r\nSurrogate-Capability: symfony2=\"ESI/1.0\"\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36\r\nX-Forwarded-For: 127.0.0.1\r\nX-Php-Ob-Level: 1\r\n\r\n at /Users/mnocon/Desktop/platform_clean/vendor/symfony-cmf/routing/ChainRouter.php:207)"} [] [2017-10-27 12:27:59] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was not able to match, message "" [] [] [2017-10-27 12:27:59] app.INFO: UrlAlias matched location #2. Forwarding to ViewController [] [] [2017-10-27 12:27:59] request.INFO: Matched route "ez_urlalias". {"route_parameters":{"_route":"ez_urlalias","_controller":"ez_content:viewAction","contentId":1,"locationId":"2","viewType":"full","layout":true},"request_uri":"http://pc.local/pol"} [] [2017-10-27 12:27:59] security.INFO: Populated the TokenStorage with an anonymous Token. [] [] [2017-10-27 12:27:59] app.DEBUG: Router eZ\Bundle\EzPublishCoreBundle\Routing\DefaultRouter was unable to generate route. Reason: 'Route 'ez_urlalias' not found': Unable to generate a URL for the named route "ez_urlalias" as such route does not exist. [] [] I've went though the steps as specified (with additional cache clears here and there), the ezplatform.yml file was copied from the description as well. I've talked with Michał Szołtysek and it appears the same issue is still present in 1.7.6-rc1 too, Adam Wójs could you have a look if everything is ok here?
          Hide
          Hannes Giesenow added a comment -

          We are also facing this issue after upgrading from 1.7.1.1 to 1.7.7

          Show
          Hannes Giesenow added a comment - We are also facing this issue after upgrading from 1.7.1.1 to 1.7.7
          Hide
          Jacek Foremski (Inactive) added a comment -

          I confirm that the issue is not fixed on 1.7.7.

          Show
          Jacek Foremski (Inactive) added a comment - I confirm that the issue is not fixed on 1.7.7.
          Hide
          Jacek Foremski (Inactive) added a comment -

          Hannes Giesenow Could you create a new Customer Support ticket (using an active subscription) for this issue? It will be taken care of much faster this way.

          Show
          Jacek Foremski (Inactive) added a comment - Hannes Giesenow Could you create a new Customer Support ticket (using an active subscription) for this issue? It will be taken care of much faster this way.

            People

            • Assignee:
              Unassigned
              Reporter:
              Jacek Foremski (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: