Feature #1407
Extend session availability (prevent CSRF token timeout)
Start date:
2020-11-16
Estimated time:
4.00 h
Description
After being inactive for a certain amount of time when entering a form, I get an internal service error.
History
Updated by Alexander Watzinger about 1 year ago
Updated by - Category set to UI
- Status changed from New to Assigned
- Assignee set to Alexander Watzinger
- Target version set to 6.0.0
- Estimated time set to 4.00 h
- Found in version set to 5.5.1
Can confirm, in Apache log this turns up:
The CSRF token has expired
Updated by Alexander Watzinger about 1 year ago
- Tracker changed from Bug to Feature
- Subject changed from CSRF Token expired to Extend session availability (prevent CSRF token timeout)
- Status changed from Assigned to Closed
- Found in version deleted (
5.5.1)
Thanks for reporting. Changed it to feature because it doesn't seem to be bug, just a timeout which we can raise.
I changed the default timeout for CSRF token (one hour) to the life time of the session.
Not sure if this was the culprit so if you still experience this problem (in 5.6.0) please re-open this ticket.