[#32309] - [4.0] Fix fatal error for fake URL in com_menus frontend
- Fixed in Code Base
- 8 Feb 2021
- Medium
- Build: 4.0-dev
- # 32309
- Diff
- joomdonation:fix_fatal_error_for_fake_url
User tests: Successful: Unsuccessful:
Pull Request for Issue #32252.
Summary of Changes
This PR fixes issue #32252. From what I see, we only uses com_menus in the frontend (am I correct?) to display menu items in modal popup only, so we should limit access to all other views (accept view items, layout modal), all other requests are not allowed.
I also remove the Display controller (we uses backend code, so controller is not needed here
Testing Instructions
Test 1
- See #32252 , confirm the issue
- Apply patch, try to access to that fake URL again. Confirm that the fatal error is fixed (the system now displaying The requested page can't be found)
#Test 2: Make sure you can still select a menu item in the frontend
- Create a menu item to link to Create Article menu item type
- Access to that menu item to submit article (You need to login using a super admin account or an account has permission to create article first)
- Look at the editor, Select CMS Content -> Menu, make sure a popup is displayed to allow you to insert a menu item in the article.
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | Front End |
| Title |
|
||||||
@ceford That's expected behavior to me. That fake URL is not allowed to access, so NotAllowed exception is thrown https://github.com/joomla/joomla-cms/blob/4.0-dev/components/com_menus/src/Dispatcher/Dispatcher.php#L52. It is the same with how you access to to the component when you do not have permission
@wilsonge Should we make it works like that? Or having it throws 404 view not found error like in Joomla 3?
| Labels |
Added:
?
|
||
OK. So I modified code to have a proper error message and 403 error code (same as how we do with com_fields frontend). Could you please test it again?
Looks fine here.
Note: I remarked that debug is not displaying on that error page.
| Title |
|
||||||
I think this 403 is fine by the way!
Thanks @wilsonge . If so, I think this PR solves the reported issue properly. @infograf768 Could you please mark your test result?
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/32309.
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/32309.
| Status | Pending | ⇒ | Ready to Commit |
RTC
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/32309.
| Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-02-08 07:59:12 |
| Closed_By | ⇒ | infograf768 | |
| Labels |
Added:
?
|
||
Tks
This is not working for me. I have debug mode enabled and reporting set to maximum.
Before applying the patch:
0 Form::loadForm could not load file
Call stack 1: JROOT/libraries/src/MVC/Model/FormBehaviorTrait.php:101
After applying the patch:
0 (and no message)
Call stack 1: JROOT/components/com_menus/src/Dispatcher/Dispatcher.php:52
My url:
http://localhost/joomla-cms-4/index.php?option=com_menus&view=item&client_id=0&layout=edit&id=105
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/32309.