Project

General

Profile

Feature #1407

Extend session availability (prevent CSRF token timeout)

Added by Nina Brundke 5 months ago. Updated 5 months ago.

Status:
Closed
Priority:
Low
Category:
UI
Target version:
Start date:
2020-11-16
Estimated time:
4.00 h

Description

After being inactive for a certain amount of time when entering a form, I get an internal service error.

History

#1

Updated by Alexander Watzinger 5 months ago

  • Found in version set to 5.5.1
  • Estimated time set to 4.00 h
  • Target version set to 6.0.0
  • Assignee set to Alexander Watzinger
  • Status changed from New to Assigned
  • Category set to UI

Can confirm, in Apache log this turns up:

The CSRF token has expired

#2

Updated by Alexander Watzinger 5 months ago

  • Found in version deleted (5.5.1)
  • Status changed from Assigned to Closed
  • Subject changed from CSRF Token expired to Extend session availability (prevent CSRF token timeout)
  • Tracker changed from Bug to Feature

Thanks for reporting. Changed it to feature because it doesn't seem to be bug, just a timeout which we can raise.
I changed the default timeout for CSRF token (one hour) to the life time of the session.
Not sure if this was the culprit so if you still experience this problem (in 5.6.0) please re-open this ticket.

#3

Updated by Alexander Watzinger 5 months ago

  • Target version changed from 6.0.0 to 5.6.0

Also available in: Atom PDF