Skip to content

[NOT BUG] csrf check faild in add new commet #13051

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
2 of 7 tasks
a1012112796 opened this issue Oct 6, 2020 · 7 comments
Closed
2 of 7 tasks

[NOT BUG] csrf check faild in add new commet #13051

a1012112796 opened this issue Oct 6, 2020 · 7 comments

Comments

@a1012112796
Copy link
Member

  • Gitea version (or commit ref): version 1.13.0+dev-735-gdf4bbcd23 built with GNU Make 4.2.1, go1.14.9 : bindata, sqlite, sqlite_unlock_notify (Build with last commit: df4bbcd)
  • Git version:
  • Operating system:
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • Yes (provide example URL)
    • No
    • Not relevant
  • Log gist:

Description

GetInvalid csrf token. when add code comment. view:
Peek 2020-10-06 14-59

log:

[Macaron] 2020-10-06 14:59:24: Started POST /testg/test_repo/pulls/5/files/reviews/comments for 192.168.1.4
[Macaron] 2020-10-06 14:59:24: Completed POST /testg/test_repo/pulls/5/files/reviews/comments 400 Bad Request in 338.589µs
2020/10/06 14:59:24 ...s/context/context.go:332:func1() [D] Session ID: 87d1841579ba977c
2020/10/06 14:59:24 ...s/context/context.go:333:func1() [D] CSRF Token: bR_QLYCBp6bLpxZQHFc4FNzrJ4Y6MTYwMTk2NzU2NDc0ODM4NzM3NA

...
@6543
Copy link
Member

6543 commented Oct 6, 2020

clean cache & login -> test again

@otbutz
Copy link

otbutz commented Oct 6, 2020

clean cache & login -> test again

That's a workaround but not a solution.

@6543
Copy link
Member

6543 commented Oct 6, 2020

If this fix it, there is already an issue about it ...

@6543
Copy link
Member

6543 commented Oct 6, 2020

also interesting #11188

@a1012112796
Copy link
Member Author

a1012112796 commented Oct 6, 2020
edited
Loading

Sadly it's not usefull, And I found an amazing thing. The submit review is usefull which is using same csrf value..., I don't know why, test with chorm 85.0.4183.12 in ubuntu 20.04 desktop
Peek 2020-10-06 16-52

@a1012112796
Copy link
Member Author

Sorry, It's my config fault.

@a1012112796 a1012112796 changed the title [BUG?] csrf check faild in add new commet [NOT BUG] csrf check faild in add new commet Oct 8, 2020
@otbutz
Copy link

otbutz commented Oct 8, 2020

Sorry, It's my config fault.

Could you explain?

@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@otbutz @6543 @a1012112796