Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[studio-ui] bulk upload fails due to missing X-XSRF-TOKEN token #1672

Closed
russdanner opened this issue Dec 6, 2017 · 4 comments
Closed

[studio-ui] bulk upload fails due to missing X-XSRF-TOKEN token #1672

russdanner opened this issue Dec 6, 2017 · 4 comments

Comments

@russdanner
Copy link
Member

@russdanner russdanner commented Dec 6, 2017

Expected behavior

bulk upload should work

Actual behavior

nothing uploads when you bulk upload
post response from the server is;
<!doctype html><html lang="en"><head><title>HTTP Status 403 – Forbidden</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 403 – Forbidden</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN'.</p><p><b>Description</b> The server understood the request but refuses to authorize it.</p><hr class="line" /><h3>Apache Tomcat/8.5.20</h3></body></html>

Steps to reproduce the problem

  • attempt bulk upload

Log/stack trace (use https://gist.github.com)

None

Specs: version, OS, browser, etc.

Chrome

@russdanner
Copy link
Member Author

@russdanner russdanner commented Dec 6, 2017

It looks like it's part of the cookie
Cookie:XSRF-TOKEN=00941d3b-1d9f-473b-bf58-4acfdba2bd30;
Maybe because the form is multi-part the server is looking at the request differently

@jvega190
Copy link
Member

@jvega190 jvega190 commented Dec 6, 2017

@jvega190
Copy link
Member

@jvega190 jvega190 commented Dec 6, 2017

@jvega190 jvega190 assigned russdanner and unassigned jvega190 Dec 7, 2017
@jvega190 jvega190 moved this from In Progress to Test & Validate in Crafter CMS v3.0.x Dec 7, 2017
@sumerjabri
Copy link
Member

@sumerjabri sumerjabri commented Dec 7, 2017

Verified.

@sumerjabri sumerjabri closed this Dec 7, 2017
Crafter CMS v3.0.x automation moved this from Test & Validate to Completed Dec 7, 2017
@sumerjabri sumerjabri added this to Completed in Crafter CMS v2.5.x Aug 31, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Crafter CMS v2.5.x
  
Completed
Crafter CMS v3.0.x
  
Completed
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
You can’t perform that action at this time.