salesagility / SuiteCRM

SuiteCRM - Open source CRM for the world
https://www.suitecrm.com
GNU Affero General Public License v3.0

style.css relative pathing isn't correct as it points to ./cache/index.php instead of ./index.php #5950

Open criterion9 opened 6 years ago

criterion9 commented 6 years ago

https://suitecrm.com/suitecrm/forum/suitecrm-7-0-discussion/19134-cache-index-php-not-found-or-unable-to-stat has more of the dialog. It appears to impact multiple sub-themes (only tried 2) and doesn't occur on each request. Did not take the time to narrow down which modules are impacted.

Issue

CSS files using relative paths for url() do not always reach the entry point index.php and instead attempt to load ./cache/index.php, and since there is no such file, the Apache error.log has rows of 404 errors.

Expected Behavior

No 404 errors and correct relative path usage in CSS files.

Actual Behavior

CSS files are attempting to load an index.php that doesn't exist to load theme elements, and errors are thrown to the Apache error.log. This is particularly problematic for systems that have an automated security response to block repeated sniffing behaviors (generally repeated 404 errors in quick succession), as a single page load could have 4 or more 404 entries.

Possible Fix

Relative pathing isn't consistent with the number of up directories (../../../../ vs ../../../../../). All CSS build scripts should be checked for relative pathing issues.

Steps to Reproduce

  1. Rebuild CSS
  2. Load several modules over time
  3. Check error.log for 404 entries looking for ./cache/index.php

Context

In our organization's case we would have what appeared to be security events triggered on CRM users, who would then be automatically blocked from systems access. Temporarily we put an empty index.php file in ./cache, which prevents the 404 error from getting thrown and subsequently blocking valid users.

Your Environment

ankush-0x90 commented 5 years ago

Hi @Dillon-Brown I would love to work on this issue..

pgorod commented 5 years ago

@asprazz I think you can go ahead and do it! Thanks!

mikebakke commented 5 years ago

I don't know if it's at all relevant but while fixing the separate issue #7748 related to [FATAL] Chart class not found I appear to have changed the incidence of this issue arising.

The fix was to extract /include/SugarCharts/Jit from an upgrade zip (7.11.x -> 7.11.8). This fixed the error in suitecrm.log but also since applying, I haven't seen the PHP error message about the cache/index.php. Early days but the system also "feels" much more responsive. Will watch for a couple of days and see if it's stable.

Rgds

isleshocky77 commented 3 years ago

@pgorod Do you know if anyone ever worked on this or fixed this? I'm seeing this behavior in v7.11.15

pgorod commented 3 years ago

@isleshocky77 to my knowledge, nothing happened

Unless @asprazz has something to tell us?

isleshocky77 commented 3 years ago

> @isleshocky77 to my knowledge, nothing happened
>
> Unless @asprazz has something to tell us?

Gotcha. Thanks for the quick reply. For now I'm just putting in a rewrite rule to handle this.
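
The check proposed under "Possible Fix" can be automated. The following is an added example, not part of the thread and not SuiteCRM code: it resolves each url() reference the way a browser does, relative to the stylesheet's own URL, and flags any that name index.php but land somewhere other than the web root. The origin, the stylesheet path and the query strings are constructed assumptions.

```python
import posixpath
import re
from urllib.parse import urljoin, urlsplit

ORIGIN = "http://crm.example/"   # placeholder origin, CRM assumed at the web root
ENTRY_POINT = "index.php"        # the entry point named in the issue
URL_RE = re.compile(r"""url\(\s*(['"]?)(.*?)\1\s*\)""")

def resolve(css_path, ref):
    """Resolve a url() reference as a browser would: relative to the URL of
    the stylesheet that contains it. Returns a web-root-relative path, or
    None for data: URIs and references to other origins."""
    joined = urlsplit(urljoin(ORIGIN + css_path, ref.strip()))
    if f"{joined.scheme}://{joined.netloc}/" != ORIGIN:
        return None
    return joined.path.lstrip("/")

def audit(css_path, css_text):
    """Return (line, reference, resolved path) for every url() that names the
    entry point but resolves somewhere other than <web root>/index.php."""
    findings = []
    for lineno, line in enumerate(css_text.splitlines(), 1):
        for m in URL_RE.finditer(line):
            target = resolve(css_path, m.group(2))
            if target and target != ENTRY_POINT \
                    and posixpath.basename(target) == ENTRY_POINT:
                findings.append((lineno, m.group(2), target))
    return findings

# Constructed sample: a stylesheet five directories below the web root.
CSS_PATH = "cache/themes/SuiteP/css/Dawn/style.css"   # assumed layout
SAMPLE_CSS = """\
.a { background: url("../../../../../index.php?entryPoint=getImage&imageName=a.png"); }
.b { background: url(../../../../index.php?entryPoint=getImage&imageName=b.png); }
.c { background: url(data:image/png;base64,AAAA); }
"""

if __name__ == "__main__":
    for lineno, ref, target in audit(CSS_PATH, SAMPLE_CSS):
        print(f"{CSS_PATH}:{lineno}: {ref} -> /{target}")
```

The same four-level prefix is correct for a stylesheet one directory shallower, which is why the number of `../` segments has to be checked against each file's own depth.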