Actions
Feature #1407
closed
Extend session availability (prevent CSRF token timeout)
Start date:
2020-11-16
Estimated time:
4.00 h
Description
After being inactive for a certain amount of time when entering a form, I get an internal service error.
Updated by Alexander Watzinger over 3 years ago
- Category set to UI
- Status changed from New to Assigned
- Assignee set to Alexander Watzinger
- Target version set to 6.0.0
- Estimated time set to 4.00 h
- Found in version set to 5.5.1
Can confirm, in Apache log this turns up:
The CSRF token has expired
Updated by Alexander Watzinger over 3 years ago
- Tracker changed from Bug to Feature
- Subject changed from CSRF Token expired to Extend session availability (prevent CSRF token timeout)
- Status changed from Assigned to Closed
- Found in version deleted (
5.5.1)
Thanks for reporting. Changed it to feature because it doesn't seem to be bug, just a timeout which we can raise.
I changed the default timeout for CSRF token (one hour) to the life time of the session.
Not sure if this was the culprit so if you still experience this problem (in 5.6.0) please re-open this ticket.
Updated by Alexander Watzinger over 3 years ago
- Target version changed from 6.0.0 to 5.6.0
Actions