New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[studio-ui] bulk upload fails due to missing X-XSRF-TOKEN token #1672

Closed
russdanner opened this Issue Dec 6, 2017 · 4 comments

Comments

@russdanner
Member

russdanner commented Dec 6, 2017

Expected behavior

bulk upload should work

Actual behavior

nothing uploads when you bulk upload
post response from the server is;
<!doctype html><html lang="en"><head><title>HTTP Status 403 – Forbidden</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 403 – Forbidden</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN'.</p><p><b>Description</b> The server understood the request but refuses to authorize it.</p><hr class="line" /><h3>Apache Tomcat/8.5.20</h3></body></html>

Steps to reproduce the problem

  • attempt bulk upload

Log/stack trace (use https://gist.github.com)

None

Specs: version, OS, browser, etc.

Chrome

@russdanner

This comment has been minimized.

Show comment
Hide comment
@russdanner

russdanner Dec 6, 2017

Member

It looks like it's part of the cookie
Cookie:XSRF-TOKEN=00941d3b-1d9f-473b-bf58-4acfdba2bd30;
Maybe because the form is multi-part the server is looking at the request differently

Member

russdanner commented Dec 6, 2017

It looks like it's part of the cookie
Cookie:XSRF-TOKEN=00941d3b-1d9f-473b-bf58-4acfdba2bd30;
Maybe because the form is multi-part the server is looking at the request differently

@jvega190

This comment has been minimized.

Show comment
Hide comment
@jvega190
Member

jvega190 commented Dec 6, 2017

@jvega190

This comment has been minimized.

Show comment
Hide comment
@jvega190
Member

jvega190 commented Dec 6, 2017

@jvega190 jvega190 assigned russdanner and unassigned jvega190 Dec 7, 2017

@jvega190 jvega190 moved this from In Progress to Test & Validate in Crafter CMS v3.0.x Dec 7, 2017

@sumerjabri

This comment has been minimized.

Show comment
Hide comment
@sumerjabri

sumerjabri Dec 7, 2017

Member

Verified.

Member

sumerjabri commented Dec 7, 2017

Verified.

@sumerjabri sumerjabri closed this Dec 7, 2017

Crafter CMS v3.0.x automation moved this from Test & Validate to Completed Dec 7, 2017

@sumerjabri sumerjabri added this to Completed in Crafter CMS v2.5.x Aug 31, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment