View Revisions: Issue #401
[ Back to Issue ]
Summary | 0000401: CSRF verification failed | ||
---|---|---|---|
Revision | 2013-12-10 17:41 by Sourceforge Import placeholder | ||
Description | With recent versions of NetSurf, I can't leave any comments on http://diamondgeezer.blogspot.com/. Steps to reproduce: Navigate to any comment box, e.g. this one: http://tridentscan.jaggedseam.com/dg/2936733284347766779/ Enter anything. Click 'Preview' (it's not necessary to click 'Publish', although that does it as well). See the error, "Forbidden (403): CSRF verification failed. Request aborted." Happens with 0000595, 0000607, 0000640 and 0000651. Does not happen with 2.9. |
||
Revision | 2013-12-10 17:41 by Vincent Sanders | ||
Description | With recent versions of NetSurf, I can't leave any comments on http://diamondgeezer.blogspot.com/. Steps to reproduce: Navigate to any comment box, e.g. this one: http://tridentscan.jaggedseam.com/dg/2936733284347766779/ Enter anything. Click 'Preview' (it's not necessary to click 'Publish', although that does it as well). See the error, "Forbidden (403): CSRF verification failed. Request aborted." Happens with #595, #607, #640 and #651. Does not happen with 2.9. |
||
Revision | 2013-12-17 17:26 by Vincent Sanders | ||
Description | With recent versions of NetSurf, I can't leave any comments on http://diamondgeezer.blogspot.com/. Steps to reproduce: Navigate to any comment box, e.g. this one: http://tridentscan.jaggedseam.com/dg/2936733284347766779/ Enter anything. Click 'Preview' (it's not necessary to click 'Publish', although that does it as well). See the error, "Forbidden (403): CSRF verification failed. Request aborted." Happens with 0000595, 0000607, 0000640 and 0000651. Does not happen with 2.9. |
||
Revision | 2012-11-13 18:30 by Sourceforge Import placeholder | ||
Additional Information | nobody added a note on Thu Apr 25 12:23:41 2013 This is no longer reproducible, as the div has recently been removed from the page in question. Still a bug though. kinnison added a note on Fri Mar 29 10:32:22 2013 My guess is it has something to do with: <div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='kRLojO3eQK2mkSfXXtAx8eoISL0Oop0p' /></div> i.e. that the input is inside a hidden div. When we moved to libdom we had to rewrite a lot of the interface to the box construction and to forms. This corner-case may have been missed. Imported from sourceforge bug http://sourceforge.net/support/tracker.php?aid=3586760 on Tue Dec 10 17:34:12 2013 |
||
Revision | 2013-12-17 17:26 by Vincent Sanders | ||
Additional Information | nobody added a note on Thu Apr 25 12:23:41 2013 This is no longer reproducible, as the div has recently been removed from the page in question. Still a bug though. kinnison added a note on Fri Mar 29 10:32:22 2013 My guess is it has something to do with: <div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='kRLojO3eQK2mkSfXXtAx8eoISL0Oop0p' /></div> i.e. that the input is inside a hidden div. When we moved to libdom we had to rewrite a lot of the interface to the box construction and to forms. This corner-case may have been missed. Imported from sourceforge bug http://sourceforge.net/support/tracker.php?aid=3586760 on Tue Dec 10 17:34:12 2013 |