-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Occasional unexpected CSRF check failed #28920
Comments
Is this related to #25927 ? |
That is a good question! |
In a cut-down example from #29028 the UI test fail is:
It happens in:
It seems to be related to some browser state after:
If that scenario is changed to have a rename target near the start (alphabetically) in the file list, then there is no problem: (tested in #29029 )
If that scenario is changed to have a rename target at the end (alphabetically) of the file list, then there is no problem: (tested in #29030 )
If that scenario is changed to have a rename target in the middle (alphabetically) of the file list, then the intermittent failure still happens: (tested in #29031 )
So the issue seems to be related to "suddenly" leaving the browser when it has just scrolled to the middle of the files list, and then going to the login page to start logging in again. But it is not a "hard" issue, so probably it depends at what exact moment this happens. |
Most of the rename tests do the sequence:
The failing test does not do the last 2 actions. If the "files page reload" and "check expected file exists" is done, then there is no problem. So the suggested fix for the UI tests is to always do these scenario steps. (It is not the purpose of these particular UI tests to demonstrate and solve the weird CSRF check issue - IMHO it is better that we have reliable UI tests for the things they are supposed to test. And then separate effort on a prioritized basis can be put into finding how the CSRF check issue could happen) |
#29033 "fixes" the UI test runs, so closing here. |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Steps to reproduce
Expected behaviour
No "CSRF check failed".
Tests pass.
Actual behaviour
The system "suddenly" does not let the user navigate around pages. They are redirected back to the login page.
The UI tests will report something like:
On examining the screen capture in SauceLabs the "login" page is displaying "Access forbidden CSRF check failed"
Server configuration
Happens on core master and/or stable10 when running UI tests in a dev environment or in Travis+SauceLabs.
I have also had it happen to me (rarely) when manually using the webUI.
The text was updated successfully, but these errors were encountered: