Features / Usability

Forum List Topic List

Cross site request forgery

Posted by John Morris 10 Apr 2019 01:17 GMT-0000 posts: 764 United States

I am seeing the below error message when I attempt to login to dev.tiki
I'd submit a bug report but I can't login to do so, any direction is appreciated.

Potential cross-site request forgery (CSRF) detected. Operation blocked. Reloading the page may help.

Reads: 4855

Posted by luciash d' being 🧙 10 Apr 2019 07:48 GMT-0000 posts: 2435 Czech Republic

Hi John, did you try the "Reloading the page may help." hint?

Posted by John Morris 10 Apr 2019 12:47 GMT-0000 posts: 764 United States

I did not see the hint appear Luci, hmmm. That being said I reloaded the page anyways, just a natural step in trouble shooting login issues, and also cleared cache in my own browser and reloaded a few more times, but nothing was working yesterday.
But today I am back in without any issues.

Posted by fatiki 25 Aug 2019 08:54 GMT-0000 posts: 36

Hi John, I had not realized there was already a post for this problem.

I am experiencing the same issue, intermittently.

https://tiki.org/forumthread72499-Intermittent-issues-logging-onto-dev-tiki-org?topics_offset=1

Are you still experiencing this?

Posted by John Morris 25 Aug 2019 15:51 GMT-0000 posts: 764 United States

Good day fatiki, I have not experienced the issue for a long time now. I ended up clearing cache on my pc, clearing cache in browsers, and things seemed to work ok.
Have you also tried different browsers?

Posted by fatiki 25 Aug 2019 16:55 GMT-0000 posts: 36

Thanks John.

Yes I've tried with Firefox as well as Safari. I think I found a workaround for now:

The default login page is https://dev.tiki.org/login but if I get the error, the resulting page is https://dev.tiki.org/tiki-login.php .

I know the message says then to reload the page but if I do that it does nothing for me and I stay on the same page with the error.

But if I force the same page to reload (meaning, instead of pressing F5 I go to the URL field and hit enter), then it seems to work.

Posted by fatiki 27 Aug 2019 19:02 GMT-0000 posts: 36

Test post to see if some Forum functionality works, pls. disregard. Thanks.

Posted by Xavier de Pedro 28 Aug 2019 08:02 GMT-0000 posts: 1817 Catalan Countries

thanks fatiki, this is an annoying issue, reported already, also with that workaround (it took me a while to figure out the same woraround weeks ago):
https://dev.tiki.org/item7038-CSRF-Error-when-trying-to-log-in-from-the-top-bar

Posted by fatiki 28 Aug 2019 11:47 GMT-0000 posts: 36

Hi Xavier,

Incidentally, this happened a couple of times on my Tiki test site too (it's on a localhost).

It's not a big deal since there is a workaround which works well (meaning, it works every time I have tried it) but it's always useful to know whether other people experience the same, and how many.

Posted by luciash d' being 🧙 28 Aug 2019 14:58 GMT-0000 posts: 2435 Czech Republic

Seems there is a fix on the way by lindon?
https://dev.tiki.org/item7038-CSRF-Error-when-trying-to-log-in-from-the-top-bar#threadId=7314

Posted by fatiki 28 Aug 2019 16:37 GMT-0000 posts: 36

Thanks Luciash, good to know!

Jump to forum:

1)	15 May 2025 14:00 GMT-0000 Tiki Roundtable Meeting - May 2025
2)	19 Jun 2025 14:00 GMT-0000 Tiki Roundtable Meeting - Juin 2025
3)	17 Jul 2025 14:00 GMT-0000 Tiki Roundtable Meeting - July 2025
4)	21 Aug 2025 14:00 GMT-0000 Tiki Roundtable Meeting - August 2025
5)	18 Sep 2025 14:00 GMT-0000 Tiki Roundtable Meeting - September 2025
6)	08 Oct 2025 Tiki birthday
7)	16 Oct 2025 14:00 GMT-0000 Tiki Roundtable Meeting - October 2025
8)	20 Nov 2025 14:00 GMT-0000 Tiki Roundtable Meeting - November 2025
9)	18 Dec 2025 14:00 GMT-0000 Tiki Roundtable Meeting - December 2025

Features / Usability

Cross site request forgery

About Tiki

Support

Community

Documentation

Development

Legal

Tiki Project Sites

Networks

Navigation and related functionality and content

Related content

Custom Share Module 0.1dev

Features / Usability

Thread actions