CSRF error after update

(Peter Stirnberg) #1

Hi there,

just followed the update howto step by step with no errors during updating (https://wiki.diasporafoundation.org/Updating#Updating_diaspora.2A_0.6_to_diaspora.2A_0.7). Everything seems to be fine but I cant log in. I get this error "The CSRF token is invalid. Please sign in and try again."
Can anybody help?

Regards
Peter

0 Likes

(Benjamin Neff) #2

This can have multiple reasons:

  1. You have a browser addon that block stuff. Please try it again with another browser without addons.
  2. You have misconfigured your server and add/remove some headers in your webserver?
  3. Your cookie is broken, this can be tested when you try it with another browser, or when you delete the cookies for your pod.
0 Likes

(Peter Stirnberg) #3

Hi Benjamin and thanks for your hints. It was indeed topic 2 which directed me right. I disabled some headers and now it works as it should. What makes me a bit confused is, that Diaspora v6.x worked fine with these headers even during some minor updates.

Regards
Peter

0 Likes

(Benjamin Neff) #4

Diaspora 0.7.0.0 upgraded to rails 5.1 which was a big update. It is possible that rails 5.1 validates more things than rails 4.2 did.

0 Likes

(Peter Stirnberg) #5

I thought so myself at least - thanks again for your support.

0 Likes