symfony/http-kernel/Controller/ArgumentResolver/VariadicValueResolver InvalidArgumentException: The action argument "...$code" is required to be an array, the request attribute "code" contains a type of "string" instead. (uncaught exception)

[moises-cobrowser]

Hello,

There's something I'd like to share with you to see if someone can bring me some ideas about how to solve this issue.

When I POST/PUT and sometimes even doing GETs to my endpoints I'm getting this error:

app.CRITICAL: InvalidArgumentException: The action argument "...$code" is required to be an array, the request attribute "code" contains a type of "string" instead. (uncaught exception) at /vendor/symfony/http-kernel/Controller/ArgumentResolver/VariadicValueResolver.php line 41 {"exception":"[object] (InvalidArgumentException(code: 0): The action argument \"...$code\" is required to be an array, the request attribute \"code\" contains a type of \"string\" instead. at /vendor/symfony/http-kernel/Controller/ArgumentResolver/VariadicValueResolver.php:41)"} []

Recently I migrated my app to a new server and in this server I have ModSecurity enabled. I'm not sure if ModSecurity can cause any issues with Silex I can see something in my ModSecurity audit log, however I don't see any errors my webserver error.log reported by ModSecurity. I've even tried without ModSecurity and still same issue.

Is someone experiencing this issue ? Any Idea about how to solve it ?

Silex app routes configuration:

$app->get('/configuration/employees/{code}',
          'APP\Controllers\Configuration\EmployeesCtrl::get');
$app->put('/configuration/employees/{code}',
          'APP\Controllers\Configuration\EmployeesCtrl::update');

Silex EmployeesCtrl methods:

public function get ( Request $request, Application $app, $code )
{
  ...
}

public function update ( Request $request, Application $app, $code )
{
  ...
}

Silex logs:

[2017-05-29 10:19:52] app.INFO: Matched route "{route}". {"route":"PUT_configuration_employees_code","route_parameters":{"_controller":"APP\\Controllers\\Configuration\\EmployeesCtrl::update","code":"1","_route":"PUT_configuration_employees_code"},"request_uri":"https://mydomain.com/configuration/employees/1","method":"PUT"} []
[2017-05-29 10:19:52] app.DEBUG: > PUT /configuration/employees/1 [] []
[2017-05-29 10:19:52] app.CRITICAL: InvalidArgumentException: The action argument "...$code" is required to be an array, the request attribute "code" contains a type of "string" instead. (uncaught exception) at /vendor/symfony/http-kernel/Controller/ArgumentResolver/VariadicValueResolver.php line 41 {"exception":"[object] (InvalidArgumentException(code: 0): The action argument \"...$code\" is required to be an array, the request attribute \"code\" contains a type of \"string\" instead. at /vendor/symfony/http-kernel/Controller/ArgumentResolver/VariadicValueResolver.php:41)"} []
[2017-05-29 10:19:52] app.DEBUG: < 500 [] []

Silex versions:

- psr/log (1.0.0)
- monolog/monolog (1.22.1)
- symfony/routing (v3.1.3)
- symfony/polyfill-mbstring (v1.2.0)
- symfony/http-foundation (v3.1.3)
- symfony/event-dispatcher (v3.1.3)
- symfony/debug (v3.1.3)
- symfony/http-kernel (v3.1.3)
- pimple/pimple (v3.0.2)
- silex/silex (v2.0.2)
- symfony/dom-crawler (v3.1.7)
- symfony/browser-kit (v3.1.7)

mod_security audit log

--663e4824-A--
[29/May/2017:10:19:52 +0000] WSv1yK3-59oAAFH-sRQAAAAH 81.34.144.111 54877 173.255.231.218 443
--663e4824-B--
PUT /configuration/employees/1 HTTP/1.1
Host: mydomain.com
Connection: keep-alive
Content-Length: 387
Pragma: no-cache
Cache-Control: no-cache
Origin: https://mydomain.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
DNT: 1
Referer: https://mydomain.com/configuration/employees/edit?codigo=1
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: es-ES,es;q=0.8,en;q=0.6,ca;q=0.4,nl;q=0.2,ru;q=0.2
Cookie: PHPSESSID=o7om3a7ih16i8bc5agpuvtvri6; _ga=GA1.2.1733438362.1495810215; _gid=GA1.2.2133734049.1496053038

--663e4824-F--
HTTP/1.1 500 Internal Server Error
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Cache-Control: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 66
Connection: close
Content-Type: text/html; charset=UTF-8

--663e4824-H--
Apache-Handler: application/x-httpd-php
Stopwatch: 1496053192748075 46100 (- - -)
Stopwatch2: 1496053192748075 46100; combined=15, p1=0, p2=0, p3=0, p4=0, p5=14, sr=0, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.8.0 (http://www.modsecurity.org/); OWASP_CRS/2.2.9.
Server: Apache

--663e4824-Z--

[moises-cobrowser]

After upgrading all the packages to the latest version

monolog/monolog           1.22.1 Sends your logs to files, sockets, inboxes, databases and various web services
pimple/pimple             v3.0.2 Pimple, a simple Dependency Injection Container
psr/log                   1.0.2  Common interface for logging libraries
silex/silex               v2.1.0 The PHP micro-framework based on the Symfony Components
symfony/debug             v3.3.0 Symfony Debug Component
symfony/event-dispatcher  v3.3.0 Symfony EventDispatcher Component
symfony/http-foundation   v3.3.0 Symfony HttpFoundation Component
symfony/http-kernel       v3.3.0 Symfony HttpKernel Component
symfony/polyfill-mbstring v1.3.0 Symfony polyfill for the Mbstring extension
symfony/routing           v3.3.0 Symfony Routing Component

I'm still having the same issue it's interpreting the $code parameter as variadic, could someone explain how is that possible ? Becasue the $code parameter is just a simple String/Int.

public function update ( Request $request, Application $app, $code )
{
  ...
}

[fabpot]

Not sure how this is possible, but not probably not related to Silex. Closing for now.