Project

General

Profile

Actions
Copy link

Defect #42839

open

Attempting to download a js file from SCM gives a 422 error with InvalidCrossOriginRequest in the log

Added by Steve Hanselman 22 days ago. Updated 17 minutes ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
SCM
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:
5.1.8

Description

To recreate, find a .js file, click the download in the top right

ActionController::InvalidCrossOriginRequest (Security warning: an embedded <script> tag on another site requested protected JavaScript. If you know what you're doing, go ahead and disable forgery protection on this action to permit cross-origin JavaScript embedding.):
actionpack (7.2.2.1) lib/action_controller/metal/request_forgery_protection.rb:432:in `verify_same_origin_request'

Files

clipboard-202506061026-eqbs8.png (8.62 KB) clipboard-202506061026-eqbs8.png Steve Hanselman, 2025-06-06 11:26
Actions
Copy link
 #1

Updated by Go MAEDA 17 minutes ago

  • Status changed from New to Confirmed
  • Affected version changed from 6.0.5 to 5.1.8
Actions
Copy link

Also available in: Atom PDF