Authenticated CSRF problems?
Closed this issue · 4 comments
Problem
When logged in as admin and viewing contacts, selecting one and then clicking delete always results in an error and the contact is not deleted
Reproduction Steps
- Login as admin
- Delete any contact that is not editor/admin
- CSRF error is thrown:
We’re Sorry, We are experiencing temporary difficulties completing your request at this time. Please try again later. If your problem persists, please contact email@company.com. error: csrf_token
Notes
- This occurs 100% of the time in my environment, not intermittently.
Investigation
- None yet, it's bedtime 😄
@jayyx2 I cannot repro this at all, neither on my local dev nor my live production environments.
I have tried using multiple browsers.
Contact deletes working as expected (and all of the associated deletes).
That is, when a contact is deleted, so are all of the related submissions, actions, and files.
All happening as expected, on any contact, regardless of their access status.
my local dev stack:
macOS 12.6.5
Apache 2.4.57
mySQL 8.0.33
PHP 8.2.5
have tried the latest versions of:
Firefox 113.0.1
Chrome 113.0.5672.92
Safari 16.4.1
I even tested on Windows using the latest Edge browser (via my VM). All working correctly.
This must be something with your environment? Can you share you system details?
Obvious question: did you try logging out / back in of your SM?
Thanks -DE
I'm 98% convinced this is related to my hacked changes to the submission form. I will test the latest version soon and report back if I ever change to 100% convinced. 😄
I'm not able to reproduce this issue with the release available on 2023-05-19
This should remain close, but I believe a more recent update fixed this. Unclear since I failed to update properly at least a couple of times 😄