View Issue Details

IDProjectCategoryView StatusLast Update
14290Bug reports[All Projects] Otherpublic2018-12-04 18:11
ReporterDenisChenuAssigned ToDenisChenu 
PrioritynoneSeverityminor 
Status resolvedResolutionfixed 
Product Version3.15.x 
Target VersionFixed in Version3.15.x 
Summary14290: Some form can not be submitted if csrfTokenName is updated
Description

If there are multiple instance on same server, an easy way to fix is renaming session AND csrfTokenName : but then it broke a lot of form

Steps To Reproduce

Update config.php to use

        'request' => array(
            'csrfTokenName' => 'CSRF_LS_master'
        ),

for example,

Create tokens, try to generate token code : receive CRSF issue

Additional Information

Have issue with
$.ajaxSetup({data: {YII_CSRF_TOKEN: LS.data.csrfToken}});
and with
window.LS.sendPost

TagsNo tags attached.
Complete LimeSurvey version number (& build)3.15.5 github
I will donate to the project if issue is resolvedNo
Browserff
Database & DB-Versionnot relevant
Server OS (if known)not relevant
Webserver software & version (if known)not relevant
PHP Versionnot relevant

Activities

DenisChenu

DenisChenu

2018-11-27 12:01

developer   ~49808

https://github.com/LimeSurvey/LimeSurvey/pull/1186

But have an issue in gulp …

markusfluer

markusfluer

2018-12-04 17:09

manager   ~49881

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=28595

Related Changesets

LimeSurvey: master f99b354b

2018-11-27 11:17:40

DenisChenu

Details Diff
Fixed issue 14290: Some form can not be submitted if csrfTokenName is updated
Dev: adding csrfTokenName for input name in LS.data
Dev: adding csrfTokenData as object to allow usage of $.extend in LS.data
Dev: replace 'YII_CSRF_TOKEN' by LS.data.csrfTokenName when found
Dev: usage of $.extend for uploader (public)
Dev: but have a syntax error in gulp …
mod - application/controllers/UploaderController.php Diff File
mod - application/extensions/LimeScript/LimeScript.php Diff File
mod - application/extensions/admin/grid/MassiveActionsWidget/assets/listActions.js Diff File
mod - assets/packages/adminbasics/build/adminbasics.js Diff File
mod - assets/packages/adminbasics/build/adminbasics.min.js Diff File
mod - assets/packages/adminbasics/src/components/confirmdeletemodal.js Diff File
mod - assets/packages/adminbasics/src/components/gridAction.js Diff File
mod - assets/packages/adminbasics/src/parts/globalMethods.js Diff File
mod - assets/scripts/admin/assessments.js Diff File
mod - assets/scripts/admin/participantpanel.js Diff File
mod - assets/scripts/admin/users.js Diff File
mod - assets/scripts/uploader.js Diff File

LimeSurvey: master b14e8fc1

2018-12-04 17:05:14

markusfluer

Details Diff
Fixed issue 14290: Some form can not be submitted if csrfTokenName is updated
mod - application/controllers/UploaderController.php Diff File
mod - application/extensions/LimeScript/LimeScript.php Diff File
mod - application/extensions/admin/grid/MassiveActionsWidget/assets/listActions.js Diff File
mod - assets/packages/adminbasics/build/adminbasics.debug.js Diff File
mod - assets/packages/adminbasics/build/adminbasics.js Diff File
mod - assets/packages/adminbasics/build/adminbasics.min.css Diff File
mod - assets/packages/adminbasics/build/adminbasics.min.js Diff File
mod - assets/packages/adminbasics/src/components/confirmdeletemodal.js Diff File
mod - assets/packages/adminbasics/src/components/gridAction.js Diff File
mod - assets/packages/adminbasics/src/parts/globalMethods.js Diff File
mod - assets/scripts/admin/assessments.js Diff File
mod - assets/scripts/admin/participantpanel.js Diff File
mod - assets/scripts/admin/users.js Diff File
mod - assets/scripts/uploader.js Diff File

Issue History

Date Modified Username Field Change
2018-11-27 10:12 DenisChenu New Issue
2018-11-27 10:12 DenisChenu Assigned To => DenisChenu
2018-11-27 10:12 DenisChenu Status new => assigned
2018-11-27 12:01 DenisChenu Note Added: 49808
2018-12-04 17:09 DenisChenu Changeset attached => LimeSurvey master f99b354b
2018-12-04 17:09 markusfluer Changeset attached => LimeSurvey master b14e8fc1
2018-12-04 17:09 markusfluer Note Added: 49881
2018-12-04 17:09 markusfluer Assigned To DenisChenu => markusfluer
2018-12-04 17:09 markusfluer Resolution open => fixed
2018-12-04 18:08 DenisChenu Assigned To markusfluer => DenisChenu
2018-12-04 18:11 DenisChenu Status assigned => resolved
2018-12-04 18:11 DenisChenu Fixed in Version => 3.15.x