From ac766188c1474a2fccd69342d67a38b06917778e Mon Sep 17 00:00:00 2001 From: Ralph Bean Date: Mon, 26 Oct 2015 16:25:51 -0400 Subject: [PATCH] Provide a more useful message when the csrf check fails. --- bodhi/validators.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/bodhi/validators.py b/bodhi/validators.py index 2cd5ce22e9..f891f84b0f 100644 --- a/bodhi/validators.py +++ b/bodhi/validators.py @@ -34,13 +34,18 @@ import bodhi.schemas +csrf_error_message = """CSRF tokens do not match. This happens if you have +the page open for a long time. Please reload the page and try to submit your +data again. Make sure to save your input somewhere before reloading. +""".replace('\n', ' ') + # This one is a colander validator which is different from the cornice # validators defined elsehwere. def validate_csrf_token(node, value): request = pyramid.threadlocal.get_current_request() expected = request.session.get_csrf_token() if value != expected: - raise colander.Invalid(node, 'CSRF tokens do not match') + raise colander.Invalid(node, csrf_error_message) def cache_nvrs(request, build):