archive
/
pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

CSRF token expire time too short #63311

New Issue
Closed
opened 2019-04-05 15:09:12 +02:00 by Pablo Vazquez · 4 comments
Pablo Vazquez commented 2019-04-05 15:09:12 +02:00
Copy Link

Forms fail to save (CSRF token expired notification) if the edit page was open for a while, which can happen when large files are uploaded over slow internet.

Forms fail to save (**CSRF token expired** notification) if the edit page was open for a while, which can happen when large files are uploaded over slow internet.
Francesco Siddi was assigned by Pablo Vazquez 2019-04-05 15:09:12 +02:00
Pablo Vazquez commented 2019-04-05 15:09:12 +02:00
Author
Copy Link

Added subscribers: @pablovazquez, @dr.sybren

Added subscribers: @pablovazquez, @dr.sybren
Francesco Siddi commented 2019-04-07 20:38:17 +02:00
Copy Link

I started looking into this. The issue can be fixed by:

  • extending the WTF_CSRF_TIME_LIMIT
  • introducing an expired CSRF token renewal mechanism

To be further discussed with @sybren.

I started looking into this. The issue can be fixed by: * extending the `WTF_CSRF_TIME_LIMIT ` * introducing an expired CSRF token renewal mechanism To be further discussed with @sybren.
Francesco Siddi commented 2019-10-09 23:25:25 +02:00
Copy Link

The issue has been addressed by raising the token time limit several months ago. Feel free to reopen if the problem persists.

The issue has been addressed by raising the token time limit several months ago. Feel free to reopen if the problem persists.
Francesco Siddi commented 2019-10-09 23:25:33 +02:00
Copy Link

Changed status from 'Open' to: 'Resolved'

Changed status from 'Open' to: 'Resolved'
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
production
cryptography-rust-fix
dillo
wip-comments-confidence-sorting
wip-refactor-node-hooks
wip-tags-view-progress
tmp-video-endcard
wip-redesign
wip-frontend-design
wip-open-project-landing
wip-sybren-notifications
last-py27
last-before-fusion
Labels
Clear labels   
legacy project
Infrastructure: Websites

  
legacy project
Pillar

  
legacy project
Pillar Framework

  
legacy project
Pillar Website

  
Priority::High

   
Priority::Low

   
Priority::Normal

   
Status::Archived

   
Status::Confirmed

   
Status::Resolved

   
Type::Bug

   
Type::Design

   
Type::Patch

   
Type::Report

   
Type::To Do
No Label
legacy project
Infrastructure: Websites
legacy project
Pillar
legacy project
Pillar Framework
legacy project
Pillar Website
Priority::High
Priority::Low
Priority::Normal
Status::Archived
Status::Confirmed
Status::Resolved
Type::Bug
Type::Design
Type::Patch
Type::Report
Type::To Do
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
Francesco Siddi
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: archive/pillar#63311
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?