ContentBox 3.0 beta - Installer not work

Hello,

I tried installing ContentBox 3.0 Beta for the first time and am seeing some errors.

I am running:
Ubuntu 15.10
Lucee 4.5
MySQL 5.6

I downloaded the latest beta version from the website with wget to my server. After creating the DSN I went through the installation. The installation can verify the datasource and then stops with following error:

`
Event: contentbox-installer:home.index
Routed URL: cbInstaller/
Layout: N/A (Module: )
View: N/A
Timestamp: 02/13/2016 02:15:47 PM Type: template
Messages: too many Attributes in function call [trim]

Tag Context:
Template: /tmp/mysite/modules/contentbox-installer/models/InstallerService.cfc
LINE: 458: for( var key in settings ){
459: // Prepare core setting
460: var props = { name = key, value= trim( settings[ key ], isCore = true ) };
461: arrayAppend( aSettings, settingService.new( properties=props ) );
462: }
`

Had someone already this error and know how I can solve this?

This error exists also when i install trought commandbox like following:

`
box install contentbox-be && box server start

`

Greetings,
Andy

Hi Andy,

Just remove isCore=core on line 460
var props = { name = key, value= trim( settings[ key ], isCore = true ) };

TO

var props = { name = key, value= trim( settings[ key ] ) };

This will fix the issue

Ahh that’s a typo. Good catch

Luis Majano
CEO
Ortus Solutions, Corp
www.ortussolutions.com
P/F: 1-888-557-8057

I was able to get ContentBox using the fix that Sana posted but am having an issue in the admin. When I go to System → Settings and try and save the form, I get the following error posting to this url: /cbadmin/settings/save

The page you requested: 403.shtml

Does not exist. Please check your info and try again!

I am running ContentBox v3.0.0-beta+00401, which I downloaded last night.

Other pages in the admin seem to work but I am still clicking through things. I haven’t played with ContentBox before so I am checking things out (I couldn’t get it working prior).

BTW, when I installed CB, I did select the default content although I don’t know if that matters for this issue. Thanks.

-Daniel

Daniel Garcia

daniel@garciadev.com

I fixed the last issue you had.

As for that error I am not sure how you installed it. Did you setup rewrites?

Luis Majano
CEO
Ortus Solutions, Corp
www.ortussolutions.com
P/F: 1-888-557-8057

Luis,

Thank you for the message. I am running this on a Linux server and enabled mod_rewrite, which was an option I selected during the setup. I also uploaded the .htaccess file, although I did not modify it as the rewrite rules look like they are enabled by default.

I can submit other pages in the admin (create new pages, update look and feel, update my password, etc). It is just the System settings submission that is giving me the error. Looking at the HTTP headers the error I see is: HTTP/1.1 404 Not Found

I did some more digging (with the awesome support people at Vivio Technologies) and think we may have found something. I am running Comodo WAF and when I disable that for the domain, I was able to submit the system settings page. When I re-enable it I cannot. It turns out it was failing on these two rules:

213020: COMODO WAF: IE XSS Filters - Attack Detected.
211650: COMODO WAF: Detects MSSQL code execution and information gathering attempts

Here is the error message that get sent to me (I changed the domain name for sharing purposes):

[Sun Feb 14 21:58:11 2016] [error] [client 50.178.111.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match “(?i:(?:\\sexec\\s+xp_cmdshell)|(?:[\”’\\xc3\\x82\\xc2\\xb4\\xc3\\xa2\\xc2\\x80\\xc2\\x99\\xc3\\xa2\\xc2\\x80\\xc2\\x98]\\\\s*?!\\\\s*?[\\"'\xc3\x82\xc2\xb4\xc3\xa2\xc2\x80\xc2\x99\xc3\xa2\xc2\x80\xc2\x98\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|data …" at ARGS:cb_editors_ckeditor_toolbar. [file “/var/cpanel/cwaf/rules/23_SQL_SQLi.conf”] [line “30”] [id “211650”] [msg “COMODO WAF: Detects MSSQL code execution and information gathering attempts”] [data “Matched Data: \x22Select\x22 found within ARGS:cb_editors_ckeditor_toolbar: [\x0d\x0a{ \x22name\x22: \x22document\x22, \x22items\x22 : [ \x22Source\x22,\x22-\x22,\x22Maximize\x22,\x22ShowBlocks\x22 ] },\x0d\x0a{ \x22name\x22: \x22clipboard\x22, \x22items\x22 : [ \x22Cut\x22,\x22Copy\x22,\x22Paste\x22,\x22PasteText\x22,\x22PasteFromWord\x22,\x22-\x22,\x22Undo\x22,\x22Redo\x22 ] },\x0d\x0a{ \x22name\x22: \x22editing\x22, \x22items\x22 : [ \x22Find\x22,\x22Replace\x22,\x22SpellChecker\x22] },\x0d\ [hostname “www.domain.com”] [uri “/cbadmin/settings/save”] [unique_id “VsFM09BN0FIAAE9G8JYAAAAB”]
[Sun Feb 14 21:58:37 2016] [error] [client 50.178.111.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match “(?i:(?:\\sexec\\s+xp_cmdshell)|(?:[\”’\\xc3\\x82\\xc2\\xb4\\xc3\\xa2\\xc2\\x80\\xc2\\x99\\xc3\\xa2\\xc2\\x80\\xc2\\x98]\\\\s*?!\\\\s*?[\\"'\xc3\x82\xc2\xb4\xc3\xa2\xc2\x80\xc2\x99\xc3\xa2\xc2\x80\xc2\x98\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|data …” at ARGS:cb_editors_ckeditor_toolbar. [file “/var/cpanel/cwaf/rules/23_SQL_SQLi.conf”] [line “30”] [id “211650”] [msg “COMODO WAF: Detects MSSQL code execution and information gathering attempts”] [data “Matched Data: \x22Select\x22 found within ARGS:cb_editors_ckeditor_toolbar: [\x0d\x0a{ \x22name\x22: \x22document\x22, \x22items\x22 : [ \x22Source\x22,\x22-\x22,\x22Maximize\x22,\x22ShowBlocks\x22 ] },\x0d\x0a{ \x22name\x22: \x22clipboard\x22, \x22items\x22 : [ \x22Cut\x22,\x22Copy\x22,\x22Paste\x22,\x22PasteText\x22,\x22PasteFromWord\x22,\x22-\x22,\x22Undo\x22,\x22Redo\x22 ] },\x0d\x0a{ \x22name\x22: \x22editing\x22, \x22items\x22 : [ \x22Find\x22,\x22Replace\x22,\x22SpellChecker\x22] },\x0d\ [hostname “www.domain.com”] [uri “/cbadmin/settings/save”] [unique_id “VsFM7dBN0FIAAE7MyT8AAAAA”]
[Sun Feb 14 22:05:29 2016] [error] [client 50.178.111.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match “(?i:(?:\\sexec\\s+xp_cmdshell)|(?:[\”’\\xc3\\x82\\xc2\\xb4\\xc3\\xa2\\xc2\\x80\\xc2\\x99\\xc3\\xa2\\xc2\\x80\\xc2\\x98]\\\\s*?!\\\\s*?[\\"'\xc3\x82\xc2\xb4\xc3\xa2\xc2\x80\xc2\x99\xc3\xa2\xc2\x80\xc2\x98\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|data …” at ARGS:cb_editors_ckeditor_toolbar. [file “/var/cpanel/cwaf/rules/23_SQL_SQLi.conf”] [line “27”] [id “211650”] [rev “2”] [msg “COMODO WAF: Detects MSSQL code execution and information gathering attempts”] [data “Matched Data: \x22Select\x22 found within ARGS:cb_editors_ckeditor_toolbar: [\x0d\x0a{ \x22name\x22: \x22document\x22, \x22items\x22 : [ \x22Source\x22,\x22-\x22,\x22Maximize\x22,\x22ShowBlocks\x22 ] },\x0d\x0a{ \x22name\x22: \x22clipboard\x22, \x22items\x22 : [ \x22Cut\x22,\x22Copy\x22,\x22Paste\x22,\x22PasteText\x22,\x22PasteFromWord\x22,\x22-\x22,\x22Undo\x22,\x22Redo\x22 ] },\x0d\x0a{ \x22name\x22: \x22editing\x22, \x22items\x22 : [ \x22Find\x22,\x22Replace\x22,\x22SpellChecker\x2 [hostname “www.domain.com”] [uri “/cbadmin/settings/save”] [unique_id “VsFOiNBN0FIAAGz5wWwAAAAE”]
[Sun Feb 14 22:08:09 2016] [error] [client 50.178.111.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match “(?i:(?:\\sexec\\s+xp_cmdshell)|(?:[\”’\\xc3\\x82\\xc2\\xb4\\xc3\\xa2\\xc2\\x80\\xc2\\x99\\xc3\\xa2\\xc2\\x80\\xc2\\x98]\\\\s*?!\\\\s*?[\\"'\xc3\x82\xc2\xb4\xc3\xa2\xc2\x80\xc2\x99\xc3\xa2\xc2\x80\xc2\x98\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|data …” at ARGS:cb_editors_ckeditor_toolbar. [file “/var/cpanel/cwaf/rules/23_SQL_SQLi.conf”] [line “27”] [id “211650”] [rev “2”] [msg “COMODO WAF: Detects MSSQL code execution and information gathering attempts”] [data “Matched Data: \x22Select\x22 found within ARGS:cb_editors_ckeditor_toolbar: [\x0d\x0a{ \x22name\x22: \x22document\x22, \x22items\x22 : [ \x22Source\x22,\x22-\x22,\x22Maximize\x22,\x22ShowBlocks\x22 ] },\x0d\x0a{ \x22name\x22: \x22clipboard\x22, \x22items\x22 : [ \x22Cut\x22,\x22Copy\x22,\x22Paste\x22,\x22PasteText\x22,\x22PasteFromWord\x22,\x22-\x22,\x22Undo\x22,\x22Redo\x22 ] },\x0d\x0a{ \x22name\x22: \x22editing\x22, \x22items\x22 : [ \x22Find\x22,\x22Replace\x22,\x22SpellChecker\x2 [hostname “www.domain.com”] [uri “/cbadmin/settings/save”] [unique_id “VsFPKNBN0FIAAG6OaogAAAAC”]
[Sun Feb 14 22:08:45 2016] [error] [client 50.178.111.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match “(?i:(?:\\sexec\\s+xp_cmdshell)|(?:[\”’\\xc3\\x82\\xc2\\xb4\\xc3\\xa2\\xc2\\x80\\xc2\\x99\\xc3\\xa2\\xc2\\x80\\xc2\\x98]\\\\s*?!\\\\s*?[\\"'\xc3\x82\xc2\xb4\xc3\xa2\xc2\x80\xc2\x99\xc3\xa2\xc2\x80\xc2\x98\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|data …” at ARGS:cb_editors_ckeditor_toolbar. [file “/var/cpanel/cwaf/rules/23_SQL_SQLi.conf”] [line “27”] [id “211650”] [rev “2”] [msg “COMODO WAF: Detects MSSQL code execution and information gathering attempts”] [data "Matched Data: \x22Select\x22 found within ARGS:cb_editors_ckeditor_toolbar: [\x0d\x0a{ \x22name\x22: \x22document\x22, \x22items\x22 : [ \x22Source\x22,\x22-\x22,\x22Maximize\x22,\x22ShowBlocks\x22 ] },\x0d\x0a{ \x22name\x22: \x22clipboard\x22, \x22items\x22 : [ \x22Cut\x22,\x22Copy\x22,\x22Paste\x22,\x22PasteText\x22,\x22PasteFromWord\x22,\x22-\x22,\x22Undo\x22,\x22Redo\x22 ] },\x0d\x0a{ \x22name\x22: \x22editing\x22, \x22items\x22 : [ \x22Find\x22,\x22Replace\x22,\x22SpellChecker\x2 [hostname “www.domain.com”] [uri “/cbadmin/settings/save”] [unique_id “VsFPTNBN0FIAAG8fCjAAAAAH”]

For now I have those two rules disabled and things are working. I will try and see what might be causing this. I can’t imagine I would be the only one running this configuration but I couldn’t find any references to the error in the Google Group. If you want to email me privately to discuss further, that would be fine as I don’t want to share too much specifics here. Thank you for your help.

-Daniel

Daniel Garcia
daniel@garciadev.com

Thank for your help. It work’s. :smiley: