Root Security Issue - laravel

Simple question: if you make a POST route and try to access it from Google Chrome, it gives me a "No message" error.
Example:
Route::post('/Login', 'User@Login');
localhost/Login
If I access it from Postman as a POST request it gives what I want.
If I access it from Postman as a GET request
or
if I access it from Google Chrome (which is a GET request)
it returns the "No message" error.
What I want is to redirect anyone who tries to access any route as GET to a 404 Not Found page.
Attached image for the error.

I believe that once you set your environment to production, the route will give you an HTTP 405 Method Not Allowed response; not sure how you would change it to a 404.
So in your .env you must set APP_ENV to equal production. Like so:
APP_NAME=Laravel
APP_ENV=production
APP_KEY=[encryption key]
APP_DEBUG=false
APP_URL=http://localhost
I haven't tested this, but maybe you can set another route for the GET version which would return the 404.
Route::get('/Login', function () {
    return abort(404);
});
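The per-route `abort(404)` above covers one path. The following is an added example (not code from the answer) that does the same for every route at once by rewriting the 405 in the exception handler. It assumes Laravel 7 or newer, where `render()` receives a `Throwable`, and the default `app/Exceptions/Handler.php` layout.

```php
<?php
// app/Exceptions/Handler.php
// Added example: map the 405 that Laravel raises for a GET against a POST-only
// route onto the same 404 an unknown route gets. Assumes Laravel 7+.

namespace App\Exceptions;

use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Throwable;

class Handler extends ExceptionHandler
{
    public function render($request, Throwable $e)
    {
        // MethodNotAllowedHttpException carries an "Allow: POST" header that tells the
        // caller which verbs the path accepts. Swapping it for NotFoundHttpException
        // drops that header and renders resources/views/errors/404.blade.php (or a
        // JSON 404 for clients sending Accept: application/json) exactly as for a
        // route that does not exist, so probing GET against every path reveals nothing.
        if ($e instanceof MethodNotAllowedHttpException) {
            $e = new NotFoundHttpException('Not Found', $e);
        }

        return parent::render($request, $e);
    }
}
```

Check it with `curl -i http://localhost/Login` before and after: the `Allow:` header disappears and the status changes from 405 to 404. The original exception is still passed as the previous exception, so the log keeps the real reason. Keep `APP_DEBUG=false` in production as the answer says; that setting, not `APP_ENV`, is what controls whether the framework's debug page is shown.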

Related

How to debug unwanted 302 redirect from Ajax request?

I'm trying to get data from a database through this Ajax request:
axios.get('/about-info')
web.php:
Route::get('/about-info', [CMSController::class, 'aboutInfo']);
CMSController.php:
use Illuminate\Support\Facades\DB;

public function aboutInfo()
{
    // first() takes column names, not raw SQL; order through the query builder instead
    $data = DB::table('about_info')->orderBy('id', 'desc')->first();

    return response()->json($data);
}
but instead I am getting the whole welcome.blade.php content. It looks like the URL in web.php is not called and instead a redirect happens. The dev tools network tab shows a 302 redirect.
This thread seems to have insight on this issue. I've been trying to implement answer 3 (adding accept: 'application/json' to the config/headers object of the request), but the object already has that entry:
config:
headers:
Accept: "application/json, text/plain, */*"
This guide is talking about auth middleware being the possible cause of this problem, but I'm not using middleware (at least none I am aware of). Any idea how to get to the root of this?
Have you tried moving the route to your API routes file? All routes in the web namespace receive session state, CSRF, and possibly more that could be getting in the way (i.e. "new session, go to the welcome screen!").
This would change your URL path to:
axios.get('/api/about-info')
Turns out that web.php was not working at all because of caching issues. Running:
php artisan route:clear
made it work again and showed every problem, which could not be detected before clearing the cache.

Laravel api - 405 not allowed shared hosting

I'm new to Laravel and I have the following problem.
I have an API POST route that works properly on localhost. I send POST requests from Postman:
Route::group(['middleware' => 'api_import'], function () {
    Route::get('/products', [ArticlesController::class, 'index']);
    Route::post('/products', [ArticlesController::class, 'addOrUpdateArticles']);
    Route::post('/categories', [CategoriesController::class, 'addOrUpdateCategories']);
});
However, it will not work on hosting. Hosting is shared, and I get the message:
When the JSON contains a couple of products everything works properly. When the JSON contains a complete table of 3500 products I get this error.
It is possible that there is a redirect on the page. You should confirm this through the network tab in your browser, because any POST request with a redirect is considered a GET request, so an error appears (405 Method Not Allowed).
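Postman and browsers follow redirects automatically, so the redirect the answer describes is easy to miss. The script below is an added example (not code from the thread) that sends the same POST from the command line with redirect-following switched off, so the redirect itself is the response you see. The URL is a placeholder, the payloads are constructed to mirror the small-versus-3500-products observation, and it needs the php-curl extension and PHP 7.4+ (arrow functions).

```php
<?php
// Added example: probe a POST endpoint without following redirects, so a 301/302
// that would turn the POST into a GET (and end in 405) is visible directly.
// The target URL is a placeholder; run with: php probe.php

function probePost(string $url, array $payload): array
{
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => json_encode($payload),
        CURLOPT_HTTPHEADER     => ['Content-Type: application/json', 'Accept: application/json'],
        CURLOPT_FOLLOWLOCATION => false, // keep the redirect visible instead of chasing it
        CURLOPT_HEADER         => true,  // include response headers in the returned string
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_TIMEOUT        => 30,
    ]);

    $raw = curl_exec($ch);
    if ($raw === false) {
        $error = curl_error($ch);
        curl_close($ch);
        throw new RuntimeException("curl failed: $error");
    }

    $status     = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    $headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
    curl_close($ch);

    $headers  = substr($raw, 0, $headerSize);
    $location = preg_match('/^Location:\s*(\S+)/mi', $headers, $m) ? $m[1] : null;

    return ['status' => $status, 'location' => $location];
}

// Constructed payloads: a couple of products, and a full table of 3500.
$small = ['products' => [['sku' => 'A1', 'name' => 'demo']]];
$large = ['products' => array_map(
    fn ($i) => ['sku' => "SKU$i", 'name' => str_repeat('x', 200)],
    range(1, 3500)
)];

foreach (['small' => $small, 'large' => $large] as $label => $payload) {
    $r = probePost('https://shop.example.com/api/products', $payload);

    if (in_array($r['status'], [301, 302, 303], true)) {
        // Browsers, Postman and curl -L replay these as GET with the body dropped;
        // that GET then lands on a POST-only route, which is where the 405 comes from.
        echo "$label: {$r['status']} redirect to {$r['location']} -> client will retry as GET\n";
    } elseif (in_array($r['status'], [307, 308], true)) {
        echo "$label: {$r['status']} redirect to {$r['location']} -> method and body preserved\n";
    } else {
        echo "$label: HTTP {$r['status']} from the POST route itself\n";
    }
}
```

If both payloads are redirected, compare the `Location` with the URL you are posting to: an http-to-https, www, or trailing-slash rewrite in the host's `.htaccess` is the usual cause, and posting to the canonical URL fixes it. If only the large payload is redirected, the redirect is not coming from your routes but from something in front of PHP on the host; the `Location` and `Server` headers in the raw response tell you which layer answered.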

404 Not Found on sanctum/csrf-cookie path

So I've been building a project based on Laravel. I'm building on an SPA foundation with Sanctum as my authorization package. It works perfectly. Then I deploy the project to the server and every time I try to log in there is a 404 error on /sanctum/csrf-cookie.
How could this happen? Is it because the SanctumServiceProvider is not working?
The problem is when you define the sanctum prefix, the route becomes something else like this:
You can check your routes with: php artisan route:list
As you can see the /sanctum/ is removed, and when you check the route /sanctum/csrf-cookie it will not be there and throws a 404 error. So you have two options:
add this prefix: 'prefix' => 'api/v1/sanctum'
or
change the GET call to api/csrf-cookie
You need to check if you're setting correct axios defaults for your /sanctum/csrf-cookie API call.
You can set them as follows:
axios.defaults.withCredentials = true;
axios.defaults.baseURL = "http://localhost"; // before sending the GET request
axios.get("/sanctum/csrf-cookie").then(async () => {
    // logic to handle login
});
If the defaults are not set properly the URL becomes http://localhost:8080/sanctum/csrf-cookie, which is where the frontend is serving, but instead it has to be http://localhost/sanctum/csrf-cookie.
Note: the localhost example is just for explanation. For a production server make sure your URL is correct and the API call goes to the backend.
I solved this issue by adding:
AllowOverride All
to the Apache directory config.
Add in the last line inside config/sanctum.php:
'routes' => false,
Add in config/cors.php:
'paths' => ['*']
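The csrf-cookie request only does its job if the browser is allowed to keep the cookies it returns, which is a CORS setting as much as a routing one. The file below is an added example (not code from any of the answers) of a `config/cors.php` for a Sanctum SPA, with the two values that most often break or over-expose the setup called out. The SPA origin is an assumed placeholder.

```php
<?php
// config/cors.php
// Added example: CORS settings for a Sanctum cookie-based SPA.
// https://app.example.com is an assumed placeholder for the SPA's origin.

return [
    // Only the routes the SPA calls cross-origin need CORS headers. ['*'] (as in the
    // answer above) also attaches them to every web route; prefer the explicit list.
    'paths' => ['api/*', 'sanctum/csrf-cookie'],

    'allowed_methods' => ['*'],

    // List the SPA's exact origin(s), scheme and port included. A wildcard is not
    // usable here: browsers reject "Access-Control-Allow-Origin: *" on a request
    // that carries credentials, and reflecting whatever origin asked would let any
    // site drive the logged-in session from the user's browser.
    'allowed_origins' => ['https://app.example.com'],

    'allowed_origins_patterns' => [],

    'allowed_headers' => ['*'],

    'exposed_headers' => [],

    'max_age' => 0,

    // Required for Sanctum's cookie auth: without it the browser discards the
    // session and XSRF-TOKEN cookies set by /sanctum/csrf-cookie. Pairs with
    // axios.defaults.withCredentials = true on the client.
    'supports_credentials' => true,
];
```

Two environment values go with this: `SANCTUM_STATEFUL_DOMAINS` must list the SPA host (with port, e.g. `app.example.com`), and `SESSION_DOMAIN` must be set so the session cookie is scoped to the shared parent domain. If either is missing, `/sanctum/csrf-cookie` returns 204 but the following login still fails with 419.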

How to fix Laravel request/routes/urls - it thinks url is http when it is really https

My server uses SSL and thus all my routes/URLs use https. I recently discovered a bug in Laravel 5.7 which was exposed when trying to use Email Verification, which does not work on a server with https. I won't go into the specifics of that problem as I have another question for that. I want to keep this simple.
I have the following settings in my .env file:
APP_USE_HTTPS=true
APP_URL=https://www.example.com
APP_ENV=production
And I have the following in the boot() method of the AppServiceProvider:
if (env('APP_USE_HTTPS')) {
    Log::info('AppServiceProvider: forcing URLs to use https');
    URL::forceScheme('https');
}
And it may be overkill, but to try to resolve the issue I also put the following code at the top of my web.php routes file:
if (env('APP_USE_HTTPS')) {
    Log::info('Routes: forcing URLs to use https');
    URL::forceScheme('https');
}
Route::get('/', 'PublicController@getHome');
Route::get('home', 'PublicController@getHome');
Then in my PublicController::getHome() method I put this code:
public function getHome()
{
    $currentPath = Request::fullUrl();
    Log::info($currentPath);

    return view('public.home');
}
Now I go to my browser and enter this in the address bar:
https://www.example.com
And I get this in my log file:
AppServiceProvider: forcing URLs to use https
Routes: forcing URLs to use https
http://www.example.com
So as you can see from the last log message, the fact that Laravel always uses http instead of https is beginning to create issues, starting with signed routes. I am trying to use the built-in Email Verification, but the signature is being generated using the https route, and the email sent to the user does have https in the URL for going back to the same server. However, the validation for the route is using http (even though https was used), so it generates a different signature and thus all verification links fail with a 403 error.
Is there anything I am missing? I can't seem to find code that shows me how Laravel knows to use https or http, or is it just hard-coded for http?
Thanks for any help you can give me.
*** Update to show the problem with Shaielndra Gupta's answer ***
After implementing the middleware, below is the code I used, but as you will see the core problem exists in ALL methods dealing with the URL. So for example:
$request->secure()
returns false even when https was used. Then calling:
redirect()->secure($request->getRequestUri());
does no good, because that will cause the route to loop back into this method again, which still returns false for secure(), basically creating an infinite loop (or "too many redirects").
namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Log;

class ForceHttpsProtocol
{
    public function handle($request, Closure $next)
    {
        Log::info('request uri: ' . $request->fullUrl());
        Log::info('secure: ' . ($request->secure() ? 'yes' : 'no'));
        if (!$request->secure() && env('APP_USE_HTTPS')) {
            return redirect()->secure($request->getRequestUri());
        }

        return $next($request);
    }
}
The log from the above code will produce the following when you make 1 attempt to go to any page, even when using https://www.example.com:
request uri: http://www.example.com
secure: no
request uri: http://www.example.com
secure: no
request uri: http://www.example.com
secure: no
request uri: http://www.example.com
secure: no
< over and over till page times out >
After much research I finally discovered what the issue is.
My live server is installed on an Amazon EC2 instance which is behind a load balancer.
The load balancer receives the (https) request, handles all the SSL requirements, and then forwards the request to my website as http.
To fix this issue I had to install the fideloper/TrustedProxy package. This package allows my site to trust the proxy and get the valid headers for the request, so it now knows the request was actually sent using https.
Laravel wrote an article which describes my condition exactly.
https://laravel-news.com/trusted-proxy
This is the package I installed:
https://github.com/fideloper/TrustedProxy
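Installing the package is only half of it: the middleware has to be told which proxies to believe, because `X-Forwarded-Proto` is just a request header and any client that can reach the instance directly can set it. The class below is an added example (not the answerer's code) of `app/Http/Middleware/TrustProxies.php` configured for an app that only receives traffic through an AWS load balancer. Laravel 5.5 to 8 ship this class on top of `fideloper/proxy`; Laravel 9 and later ship the same shape as `Illuminate\Http\Middleware\TrustProxies`, so only the `use` line changes. The CIDR is an assumed VPC range.

```php
<?php
// app/Http/Middleware/TrustProxies.php
// Added example: trust X-Forwarded-* headers only from the load balancer.
// Base class for Laravel 5.5-8 (fideloper/proxy); on Laravel 9+ use
// Illuminate\Http\Middleware\TrustProxies instead. 10.0.0.0/16 is an assumed VPC range.

namespace App\Http\Middleware;

use Fideloper\Proxy\TrustProxies as Middleware;
use Illuminate\Http\Request;

class TrustProxies extends Middleware
{
    /**
     * Addresses allowed to assert X-Forwarded-* headers. Anything else that
     * reaches the app has those headers ignored.
     *
     * '*' trusts every client, so anyone who can bypass the load balancer could
     * forge the client IP (rate limits, audit logs) or claim "https" for a plain
     * http request. Use it only when security groups make the instance
     * unreachable except through the load balancer.
     */
    protected $proxies = ['10.0.0.0/16'];

    /**
     * Elastic Load Balancing sends X-Forwarded-For, X-Forwarded-Proto and
     * X-Forwarded-Port; this constant selects exactly those three. Once they
     * are trusted, $request->secure() is true, url() and route() emit https,
     * and the signed-URL check for email verification matches the link sent.
     */
    protected $headers = Request::HEADER_X_FORWARDED_AWS_ELB;
}
```

The class is listed in the global `$middleware` array of `app/Http/Kernel.php` in the default skeleton, so nothing else needs registering. With it in place the `URL::forceScheme('https')` calls and the redirect middleware from the question become unnecessary: the scheme is now read from the request itself. To confirm, log `$request->secure()` from any route through the load balancer and it should print `yes` on the first pass with no redirect loop.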
Change in your config/session.php:
'http_only' => true,
to:
'http_only' => false,
or make a middleware HttpsProtocol.php:
namespace MyApp\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\App;

class HttpsProtocol
{
    public function handle($request, Closure $next)
    {
        if (!$request->secure() && App::environment() === 'production') {
            return redirect()->secure($request->getRequestUri());
        }

        return $next($request);
    }
}
Then apply this middleware to every request by adding the rule to the protected $routeMiddleware array in the Kernel.php file:
'https' => App\Http\Middleware\HttpsProtocol::class
Change this:
APP_USE_HTTPS=true
APP_URL=https://www.example.com
to this:
APP_URL=http://www.example.com
APP_USE_HTTPS=false
because Laravel uses APP_URL to generate URLs.

Laravel post route returning error 500

My route
Route::post('register', function () {
    return "POST SUCCESS!";
});
works fine if I change it to "get".
As soon as I change it to post (and use Postman to actually send a POST request) I get an error 500.
It's driving me crazy and I can't find the answer..
There is also nothing in the PHP error log... o_0
Make sure you have created a .env file for the local environment.
Take a look at storage/logs/laravel.log; you should find the error there, e.g.:
cat storage/logs/laravel.log | grep "\[201
