MINOR: change the ugly user-facing CSRF message to more friendly #370

Merged
merged 1 commit into from Apr 26, 2012

Projects

None yet

3 participants

@mateusz
Member
mateusz commented Apr 26, 2012

User does not necessarily knows what CSRF is, and tends to get scared by
this, thinking he has abused something. On the other hand users tend to
know what session expiry means.

@mateusz mateusz MINOR: change the ugly user-facing CSRF message to more friendly
User does not necessarily knows what CSRF is, and tends to get scared by
this, thinking he has abused something. On the other hand users tend to
know what session expiry means.
b561786
@halkyon
Member
halkyon commented Apr 26, 2012

Hmm, we need to fix this properly. It's useful to know there's a CSRF problem so you can see it in the error logs, but the user should be automatically taken back to their form with the nice message, rather than see a nice message on a blank page.

@chillu
Member
chillu commented Apr 26, 2012

Yeah, I think for user facing errors, that's a more appropriate (less scary) message. As Sean says, it'd be good to log more detail (on an info level). Let's hope the GSOC project we've got around logging will get to that level of detail :)

@chillu chillu merged commit 7483970 into silverstripe:master Apr 26, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment