"The CSRF token is invalid."

Avatar image for dudeglove
dudeglove

13914

Forum Posts

1166

Wiki Points

0

Followers

Reviews: 2

User Lists: 2

So I've noticed lately that if I leave a page open too long in a Chrome or Chromium-based browser, when I eventually come to posting something on said page, be it a video comment, forum post, or PM, I get that typical red banner that says "An error occurred" or some such. Recently I've seen this message appear for the first time while attempting to post in a PM

  • The CSRF token is invalid. Please try to resubmit the form.

Anyway, it's not permanent. In all cases the bug is resolved by basically refreshing the page (which might be a bummer if someone's just typed out a massive blog post only to lose all of it?). They all appear to be some sort of timeout issue, though can't be sure. Am wondering if anyone else is experiencing these?

Desktop browser, chrome, windows 7 64 bit etc. Not sure as to mobile.

Avatar image for thatpinguino
thatpinguino

2849

Forum Posts

602

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

#2 thatpinguino  Staff

I have experienced that on Chrome with the same OS setup.

Avatar image for jslack
jSlack

1186

Forum Posts

1165

Wiki Points

0

Followers

Reviews: 1

User Lists: 6

@dudeglove: Indeed. It's a form protection issue, and it may be too sensitive. We've received several bug reports about this. Going to see what we can do to make it better.

In the past, the user would have been notified that they replied successfully, when in reality it was a quiet error. We've now recently enabled better error messaging there, and that's why people are seeing this now.

Avatar image for yotaruvegeta
VichusSmith

190

Forum Posts

84

Wiki Points

0

Followers

Reviews: 0

User Lists: 5

I got the "CSRF token" message today, while trying to post a comment. I figured that having a link in my comment would be the problem , and that worked. What's going on?

Avatar image for euantor
euantor

79

Forum Posts

699

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

@yotaruvegeta: CSRF tokens are usually time based and tied to sessions. I'd assume you'd left the page open for a while (quite a long while usually) before posting?

Avatar image for travisrex
TravisRex

819

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

Happens on mobile as well

Avatar image for liquiddragon
liquiddragon

3967

Forum Posts

978

Wiki Points

0

Followers

Reviews: 2

User Lists: 16

#7  Edited By liquiddragon  Online

Yeah this happens to me on my Nexus 7 tablet. Can't seen to comment but posts on forums are ok? Also that comment window is ridiculously small...

No Caption Provided

Avatar image for yotaruvegeta
VichusSmith

190

Forum Posts

84

Wiki Points

0

Followers

Reviews: 0

User Lists: 5

@euantor said:

@yotaruvegeta: CSRF tokens are usually time based and tied to sessions. I'd assume you'd left the page open for a while (quite a long while usually) before posting?

No, that is not correct.

Avatar image for wcarle
wcarle

434

Forum Posts

54

Wiki Points

0

Followers

Reviews: 0

User Lists: 1

#10 wcarle  Staff

Happens on mobile as well

What device are you using, my Galaxy and iPhone seem to work for me.

@euantor said:

@yotaruvegeta: CSRF tokens are usually time based and tied to sessions. I'd assume you'd left the page open for a while (quite a long while usually) before posting?

CSRF tokens can expire and are tied to your session, so this could be one potential cause.

I got the "CSRF token" message today, while trying to post a comment. I figured that having a link in my comment would be the problem , and that worked. What's going on?

Were you on desktop or mobile (if so what device)? Which browser?

These issues can be hard to pin down so if you can give us any additional information that would really help!

Avatar image for yotaruvegeta
VichusSmith

190

Forum Posts

84

Wiki Points

0

Followers

Reviews: 0

User Lists: 5

@wcarle: I'm on desktop, on Firefox.