magento2: ajax on wysiwyg return "403 Forbidden"

Preconditions

  1. Magento 2.1
  2. php 7.1
  3. mysql 5.6

Steps to reproduce

  1. Fresh install via git clone
  2. composer install
  3. setup from browser
  4. install complete with no error
  5. frontend and backend works. Created category, and Product.
  6. Admin -> Pages -> Home page -> edit http://example.app/magento2/admin_8i3hwr/cms/page/edit/page_id/2/key/33798240ca4d1965118b424471c36c381801569acafb6755c540c6dd3b5f8258/
  7. on wysiwyg editor selected Insert Widget
  8. Select any widget an Click Insert Widget button
  9. on chrome dev console ajax tryes to send POST request to this url. (http://example.app/magento2/admin_8i3hwr/admin/widget/buildWidget/key/a4f0a05cfb62e1c554638244b6d1602f476015b9cbaaecef4856092db94072c8/?isAjax=true) And it returns 403 restricted
  10. Then if I click save it redirects to this url (http://example.app/magento2/admin_8i3hwr/cms/page/save/key/3a6cdf3ff25932480c546293db1f9bb21581cc04b015c2c8a7905826dc0777d5/) But result is 403 Forbidden

Expected result

  1. <img id="e3t3aWRnZXQgdHlwZT0iTWFnZW50b1xTYWxlc1xCbG9ja1xXaWRnZXRcR3Vlc3RcRm9ybSIgdGVtcGxhdGU9IndpZGdldC9ndWVzdC9mb3JtLnBodG1sIn19" src="http://127.0.0.1/test/magento2/pub/static/version1494327864/adminhtml/Magento/backend/en_US/Magento_Widget/placeholder.gif" title="{{widget type=&quot;Magento\Sales\Block\Widget\Guest\Form&quot; template=&quot;widget/guest/form.phtml&quot;}}">

Actual result

  1. [Screenshot, logs] 403 restricted screen shot 2017-05-09 at 22 37 35 screen shot 2017-05-09 at 22 38 11

If I hide wysiwyg and write widget by code it works withoud problem.

<p>{{widget type="Magento\CatalogWidget\Block\Product\ProductsList" title="babycar" show_pager="0" products_count="10" template="product/widget/content/grid.phtml" conditions_encoded="^[`1`:^[`type`:`Magento||CatalogWidget||Model||Rule||Condition||Combine`,`aggregator`:`all`,`value`:`1`,`new_child`:``^]^]"}}</p>

My guesses :

  1. I think this url is not recognized as route and apache trying to access it as a file. (http://example.app/magento2/admin_8i3hwr/admin/widget/buildWidget/key/a4f0a05cfb62e1c554638244b6d1602f476015b9cbaaecef4856092db94072c8/?isAjax=true)
  2. Or it is just permission of some file or dir which gets required in php code is not right. So apache can’t access it. But I have no Idea how to debug it.

Please help

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 16 (5 by maintainers)

Most upvoted comments

It seems problem is apache redirect related closing the issue

+1
matart15 on May 15, 2017
Read more comments on GitHub
← magento2: After upgrading to new version - No such entity with customerId critical logs
magento2: AlertProcessor - Argument #2 ($storeId) must be of type int, string given →