Laravel-Backpack / FileManager

Admin interface for files & folders, using elFinder.

browse field type goto 403 after 3.0.9 #59

Open drserhio opened 2 hours ago

drserhio commented 2 hours ago

CrudController / setupCreateOperation
Browse Field Type
Request https://site.com/admin/elfinder/popup/attribute_name
request('mimes') - not present
403 error permanently

That's how it works (class BackpackElfinderController):

```php
try {
    if (request('mimes')) {
        $mimes = Crypt::decrypt(urldecode(request('mimes')));
    }
} catch (\Illuminate\Contracts\Encryption\DecryptException $e) {
    Log::error('Someone attempted to tamper with mime types in elfinder popup. The attempt was blocked.');
    abort(403, 'Unauthorized action.');
}
```

backpack-ai-bot[bot] commented 2 hours ago

Based on the information provided in the knowledge sources, I can offer some insights into your issue with the browse field type in Backpack 3.0.9 and later versions.

It seems you're encountering a 403 error when trying to access the elFinder popup for the browse field type. This issue appears to be related to the handling of MIME types in the BackpackElfinderController.

The code snippet you provided shows that the controller is attempting to decrypt the 'mimes' parameter from the request. If this decryption fails, it results in a 403 error.

To address this issue, you might want to check the following:

  1. Ensure that the 'mimes' parameter is being properly set and encrypted when the browse field is initialized. This should be happening in the CRUD setup for your field.

  2. Verify that the encryption key used in your application matches the one used when the 'mimes' parameter was encrypted.

  3. Check if there are any middleware or other components in your application that might be interfering with the request parameters.

Unfortunately, the provided knowledge sources don't contain specific information about this particular error in Backpack 3.0.9 or later versions. The closest relevant information I found is about file type restrictions in the browse field, but it doesn't directly address your 403 error issue.

If the problem persists, you might want to:

  1. Check the Backpack documentation for any changes in how the browse field type is implemented in version 3.0.9 and later.

  2. Consider opening an issue on the Backpack CRUD GitHub repository with details about your setup and the exact steps to reproduce the error.

  3. Review your Laravel and Backpack logs for any additional error messages that might provide more context.

I apologize that I don't have more specific information to resolve your issue. If you need further assistance, you might want to provide more details about your setup and the exact steps to reproduce the error.

Relevant sources:

  * GitHub Issue (closed): [4.0][Bug] Multiple images upload to the File Manager
  * GitHub Issue (closed): addField type browse file restriction
  * GitHub Issue (closed): How to extend elfinder where to put permission check
  * GitHub Issue (closed): [Feature request] Allow mime_types filter on browse field
  * GitHub Issue (closed): Elfinder known vulnerabilities
  * GitHub Issue (closed): denyAccess(); throws AccessDeniedException with error 500 instead 403
  * GitHub Issue (closed): upload field required
  * GitHub Issue (closed): [Bug] export buttom and browse field
  * How to forbid to create and upload folders to file manager
  * GitHub Issue (closed): Browse field type and wrong iframe URL to elFinder
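
The decrypt-or-403 pattern from the snippet in the first comment, as an added stand-alone example (not Backpack's code and not part of either comment above). It swaps Laravel's `Crypt` facade for AES-256-GCM through PHP's openssl extension so it runs without the framework; `encryptMimes`, `decryptMimes` and `resolvePopupMimes` are hypothetical names, and the keys and MIME list are constructed.

```php
<?php
// Added example. AES-256-GCM via ext-openssl stands in for Laravel's Crypt
// facade; every function name here is hypothetical. URL encoding is left out.

function encryptMimes(array $mimes, string $key): string
{
    $iv = random_bytes(12);
    $ct = openssl_encrypt(json_encode($mimes), 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    return base64_encode($iv . $tag . $ct); // 12-byte IV, 16-byte tag, ciphertext
}

function decryptMimes(string $token, string $key): array
{
    $raw = base64_decode($token, true);
    if ($raw === false || strlen($raw) < 29) {
        throw new RuntimeException('malformed token');
    }
    $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key,
        OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
    if ($plain === false) {
        throw new RuntimeException('token failed authentication');
    }
    return json_decode($plain, true, 8, JSON_THROW_ON_ERROR);
}

// Same branch structure as the posted snippet. Returns [HTTP status, MIME list or null].
function resolvePopupMimes(?string $param, string $key): array
{
    if (!$param) {
        return [200, null]; // parameter absent: the decrypt branch is skipped
    }
    try {
        return [200, decryptMimes($param, $key)];
    } catch (Throwable $e) {
        return [403, null]; // present but undecryptable: the abort(403) path
    }
}

$key = hash('sha256', 'constructed-demo-secret', true);   // 32 raw bytes
$other = hash('sha256', 'constructed-other-secret', true); // a different app key
$token = encryptMimes(['image/png', 'image/jpeg'], $key);
$tampered = $token;
$tampered[20] = $tampered[20] === 'A' ? 'B' : 'A'; // alters a byte of the auth tag
$cases = ['valid' => [$token, $key], 'absent' => [null, $key],
          'tampered' => [$tampered, $key], 'other key' => [$token, $other]];
foreach ($cases as $name => [$param, $k]) {
    [$status, $mimes] = resolvePopupMimes($param, $k);
    printf("%-9s -> %d %s\n", $name, $status, json_encode($mimes));
}
```

Run it with the `php` CLI with the openssl extension enabled. Of the four cases, only a token that is present but fails authentication, whether altered in transit or sealed under a different key, produces the 403.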