Features / Usability

Features / Usability

Cross site request forgery

I am seeing the below error message when I attempt to login to dev.tiki
I'd submit a bug report but I can't login to do so, any direction is appreciated.

Potential cross-site request forgery (CSRF) detected. Operation blocked. Reloading the page may help.

I did not see the hint appear Luci, hmmm. That being said I reloaded the page anyways, just a natural step in trouble shooting login issues, and also cleared cache in my own browser and reloaded a few more times, but nothing was working yesterday.
But today I am back in without any issues.

Good day fatiki, I have not experienced the issue for a long time now. I ended up clearing cache on my pc, clearing cache in browsers, and things seemed to work ok.
Have you also tried different browsers?

Thanks John.

Yes I've tried with Firefox as well as Safari. I think I found a workaround for now:

The default login page is https://dev.tiki.org/login but if I get the error, the resulting page is https://dev.tiki.org/tiki-login.php .

I know the message says then to reload the page but if I do that it does nothing for me and I stay on the same page with the error.

But if I force the same page to reload (meaning, instead of pressing F5 I go to the URL field and hit enter), then it seems to work.

Test post to see if some Forum functionality works, pls. disregard. Thanks.

Hi Xavier,

Incidentally, this happened a couple of times on my Tiki test site too (it's on a localhost).

It's not a big deal since there is a workaround which works well (meaning, it works every time I have tried it) but it's always useful to know whether other people experience the same, and how many.

Thanks Luciash, good to know!

Upcoming Events

No records to display

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.