Feature #1407
Extend session availability (prevent CSRF token timeout)
Start date:
2020-11-16
Estimated time:
4.00 h
Description
After being inactive for a certain amount of time when entering a form, I get an internal service error.
History
Updated by Alexander Watzinger 8 months ago
Updated by - Found in version set to 5.5.1
- Estimated time set to 4.00 h
- Target version set to 6.0.0
- Assignee set to Alexander Watzinger
- Status changed from New to Assigned
- Category set to UI
Can confirm, in Apache log this turns up:
The CSRF token has expired
Updated by Alexander Watzinger 8 months ago
- Found in version deleted (
5.5.1) - Status changed from Assigned to Closed
- Subject changed from CSRF Token expired to Extend session availability (prevent CSRF token timeout)
- Tracker changed from Bug to Feature
Thanks for reporting. Changed it to feature because it doesn't seem to be bug, just a timeout which we can raise.
I changed the default timeout for CSRF token (one hour) to the life time of the session.
Not sure if this was the culprit so if you still experience this problem (in 5.6.0) please re-open this ticket.