CSRF error after update

Hi there,

just followed the update howto step by step with no errors during updating (https://wiki.diasporafoundation.org/Updating#Updating_diaspora.2A_0.6_to_diaspora.2A_0.7). Everything seems to be fine but I cant log in. I get this error "The CSRF token is invalid. Please sign in and try again."
Can anybody help?


This can have multiple reasons:

  1. You have a browser addon that block stuff. Please try it again with another browser without addons.
  2. You have misconfigured your server and add/remove some headers in your webserver?
  3. Your cookie is broken, this can be tested when you try it with another browser, or when you delete the cookies for your pod.

Hi Benjamin and thanks for your hints. It was indeed topic 2 which directed me right. I disabled some headers and now it works as it should. What makes me a bit confused is, that Diaspora v6.x worked fine with these headers even during some minor updates.


Diaspora upgraded to rails 5.1 which was a big update. It is possible that rails 5.1 validates more things than rails 4.2 did.

I thought so myself at least - thanks again for your support.

I am having problems with the CSRF warnings. I am using the bitnami rolled up version of diaspora Name based reverse proxy to my main web server. It seems that the apache configuration is located in /opt/bitnami/apache2. Would anyone know where it is?