Can't verify CSRF token authenticity
I'm embeeding a Redmine page inside a Sharepoint iframe.
It has always worked in the last months, from one month, more or less, when I try to login in Redmine through this page I receive the "Can't verify CSRF token authenticity" error. From outside everything works.
I tried adding the self.allow_forgery_protection = false in the application.rb file, but now, just in the embeeded login page, after putting the credentials I return to the login page. In the redmine log it tells that I'm succesfully loggin in but nothing happens.
Any suggestion ?
Redmine version 4.0.3.stable
Ruby version 2.5.5-p157 (2019-03-15) [x86_64-linux]
Rails version 18.104.22.168
Database adapter Mysql2
Mailer queue ActiveJob::QueueAdapters::AsyncAdapter
Mailer delivery smtp
Updated by Adriano Bellia over 3 years ago
- Status changed from New to Resolved
For now in my environment it seems resolved.
What I did is changing the called URL in the embeeding page. They are in the same domain but I was calling just the site name and the browser was giving error on the certificate