#5897 - AJAX requests with CSRF tokens broken
-
By PDStig
- Added
- 6 views
| Identifier | #5897 |
|---|---|
| Issue type | Minor issue (breaks specific functionality) |
| Title | AJAX requests with CSRF tokens broken |
| Status | Closed (no changes needed) |
| Tags |
Roadmap: Sponsorship (custom) |
| Handling member | Deleted |
| Addon | General / Uncategorised |
| Description | compo.sr was upgraded to 10.0.50 which rolled back cookie changes in 10.0.49.
I confirmed the JavaScript was rolled back. And I confirmed my cookies are what they should be (not HttpOnly and not Secure). Yet, myself and other users cannot rate stuff / change their password; Composr errors regarding a missing token. |
| Steps to reproduce | |
| Additional information | As this is a non-critical v10 bug and v10 is no longer receiving funding for non-critical fixes, it will require sponsorship to fix unless someone wants to fix it themselves and merge-request to GitLab. Please contact me in a Private Topic to sponsor this fix if interested.
The estimated cost is $20 USD ($20/hour, estimated time to fix 1 hour). Also see https://compo.sr/forum/topicview/browse/general-chat/ratings-are-broken-on.htm?redirected=1#first_unread |
| Funded? | No |
The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".
Comments
https://gitlab.com/composr-foundation/composr (composr_homesite branch).
Points will be awarded.