https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292010-04-14T07:16:47ZRedmineRedmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=158772010-04-14T07:16:47ZPetr Pospisil
<ul></ul><p>Or if you have opened the detail of issue for a long time and than submit your notes.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=164632010-05-05T11:58:10ZFritz brause
<ul></ul><p>same as <a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Defect: Cookie issue when using Redmine on Firefox (Closed)" href="https://www.redmine.org/issues/5051">#5051</a> ?</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=165342010-05-07T07:52:02ZPetr Pospisil
<ul></ul><p>I don't know how to confirm your suspect.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=182502010-07-12T19:50:32ZFelix Schäfer
<ul></ul><p>Do you still experience issues with the authenticity token?</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=185912010-07-22T11:48:24ZPetr Pospisil
<ul></ul><p>Why not? What were changed? Show login dialog, fill credentials, double click to login button. It is the simplest way to simulate bahaviour. Another problem is if you have ISP with large latence (response time), e.g. slow wifi.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=185922010-07-22T11:56:15ZFelix Schäfer
<ul></ul><p>Petr Pospisil wrote:</p>
<blockquote>
<p>Why not? What were changed? Show login dialog, fill credentials, double click to login button. It is the simplest way to simulate bahaviour. Another problem is if you have ISP with large latence (response time), e.g. slow wifi.</p>
</blockquote>
<p>I cannot reproduce this, as long as you can't give a clear way to reproduce (i.e. download a fresh redmine, laod the default data, don't install any plugin, reproduce), we won't be able to help you.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=185962010-07-22T12:24:22ZPetr Pospisil
<ul><li><strong>File</strong> <a href="/attachments/4174">Redmine_01.png</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/4174/Redmine_01.png">Redmine_01.png</a> added</li><li><strong>File</strong> <a href="/attachments/4175">Redmine_02.png</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/4175/Redmine_02.png">Redmine_02.png</a> added</li></ul><p>1) attached screen shot from WWW.REDMINE.ORG<br />2) attached TRUNK grabbed at 2010-07-22 14:12:00 - no plugins, no mess... just trunk and to command line :"ruby server".</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=185972010-07-22T12:25:46ZPetr Pospisil
<ul></ul><p>This post above I had to submit twice - at the first case, I saw "Invalid form authenticity token"...</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=185982010-07-22T12:28:02ZFelix Schäfer
<ul></ul><p>As I said, I can't reproduce it, though I've been trying like hell to double-click on the login button. Is it maybe a problem with your browser? Have you tried it from another browser? From another machine?</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=186012010-07-22T12:47:11ZPetr Pospisil
<ul></ul><p>Sorry, it is not just my problem or browser problem. Can you see screen shots from another peoples or browers? :o). I guess no.</p>
<p>Login page -> fill credentials -> clicking to submit button more than once (e.g. twice, 5 times...). At the first request, the system did login. But the second request is fastest than response from first request. As I mean. And the error message occurs. It is server side problem. I know that clicking to submit button is not usual case, but it is simulating situations on slower wire. It is annoying to submit issue update this way: type some description of update, ctrl+c, click to submit, error occured, close the browser, log again, find issue, ctrl+v, submit. This behaviour is sometimes to see at a slower internet.</p>
<p>I guess the server expects for different token, because the user is logged in by the first request.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=186022010-07-22T12:58:13ZFelix Schäfer
<ul></ul><p>Well, if it's a network problem, it's not something that can or should be solved on the server… Anyway, try as I may, I can't reproduce it either here, nor on 2 other redmine installations. Maybe you could try to search for the invalid authenticity token and slow connection on google with rails, because it's a mechanism of rails, not of redmine itself.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=186032010-07-22T13:05:27ZPetr Pospisil
<ul></ul><p>You are right, it seems to be rails problem. But the result is unworking redmine.. :(.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=210822010-10-07T03:35:20ZEwan Makepeace
<ul></ul><p>This is a huge problem for me and is very simple to reproduce:</p>
<ol>
<li>Log out from Redmine.</li>
<li>Go to your email</li>
<li>Click on the links on three different issues in your email so that three tabs open in your favourite browser.</li>
<li>Presumably each is prepopulated with your login details in the browser.</li>
<li>On teh first tab you can click login and be redirected to the issue.</li>
<li>On the other tabs when you hit login you get the dreaded "Invalid form authenticity token.". Now you have to login again and after you do so your redirect is lost so you close the tab and go and look for the email again.</li>
</ol>
<p>I hate this message so much I am considering moving off Redmine (Pivot Tracker looks rather attractive?). Seriously this is a monster issue that is driving me insane.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=210832010-10-07T03:39:38ZEwan Makepeace
<ul></ul><p>PS Version Redmine 1.0.1.devel.4167 (MySQL)</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=211812010-10-08T20:45:57ZBruno Medeiros
<ul></ul><p>Felix, Could you try the Ewan Makepeace case?</p>
<p>This bug is really annoying...</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=211822010-10-08T21:30:40ZFelix Schäfer
<ul></ul><p>Bruno Medeiros wrote:</p>
<blockquote>
<p>Felix, Could you try the Ewan Makepeace case?</p>
<p>This bug is really annoying…</p>
</blockquote>
<p>I don't need to try it, what happens to Ewan is because of a security feature of rails, and only related to the OP by the mechanism that causes it. The OP has a problem when submitting a single form more than once (multiple clicks on one and only submit button), whereas Ewan has a problem because he tries to send the "same form" multiple times from different browser tabs/windows. I'm not sure if there is a secure way to work around Ewan's problem, but please don't hijack this issue for it and open a new one instead, thanks.</p>
<p>Oh, and Ewan: as happy as I am about people using redmine, no one here will hold you back from using what you think is best for you.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=247322011-02-01T12:54:03ZDavid Escala
<ul></ul><p>The easiest way to reproduces is:</p>
<ol>
<li>login to <a class="external" href="http://www.redmine.org/login">http://www.redmine.org/login</a></li>
<li>go back with browser button</li>
<li>submit again the login form</li>
</ol>
<p>To avoid the error page and redirect the user to a sensible location I have patched <code>app/controllers/application_controller.rb</code> in 1.0-stable:</p>
<pre>
end
- render_error "Invalid form authenticity token."
+ redirect_back_or_default(home_path)
end
</pre>
<p>The second submit is not (and should not be) processed.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=314312011-08-12T20:43:01ZBryce Nordgren
<ul></ul><p>I got this on my old production installation...briefly.</p>
<p>It occurred when I changed my password in Active Directory, and I had not yet updated the "bind pw" on my LDAP connection setup page.</p>
<p>hope that helps.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=659432015-09-11T06:39:19ZToshi MARUYAMA
<ul><li><strong>Related to</strong> <i><a class="issue tracker-1 status-5 priority-4 priority-default closed" href="/issues/5051">Defect #5051</a>: Cookie issue when using Redmine on Firefox</i> added</li></ul> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=680482015-12-20T03:32:15ZMaicon de Oliveira
<ul></ul><p>I had the same problem and created this account just to share my solution.</p>
<p><strong>tl;dr</strong><br />Delete browser cookies, start again</p>
<p><strong>How it happened</strong><br />I was using redmine version 3.1.2 in a 32bit linux mint 15. Formated my machine with a brand new linux mint 17.2 64 bit and installed redmine version 3.1.2. Restored database and stuff, everything as usual.<br />When I logged, I got the same error.</p>
<p><strong>How I fixed</strong><br />After some time looking for the problem, figured out I had an older cookie from previous installation (using chrome sync), pressed F12, deleted all cookies and everything works fine.</p>
<p>Just in case someone needs it</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=741812016-10-25T12:32:13ZGreg T
<ul></ul><p>David Escala wrote:</p>
<blockquote>
<p>To avoid the error page and redirect the user to a sensible location I have patched <code>app/controllers/application_controller.rb</code> in 1.0-stable:</p>
<p>- render_error "Invalid form authenticity token." <br />+ redirect_back_or_default(home_path)</p>
</blockquote>
<p>This works great. Thanks.</p> Redmine - Defect #5230: Invalid form authenticity token.https://www.redmine.org/issues/5230?journal_id=1127182024-02-02T06:56:30ZGo MAEDA
<ul><li><strong>Is duplicate of</strong> <i><a class="issue tracker-1 status-5 priority-4 priority-default closed" href="/issues/38986">Defect #38986</a>: Ungültiges Authentizitätstoken für Formular</i> added</li></ul>