search

Automattic / jetpack

Security, performance, marketing, and design tools — Jetpack is made by WordPress experts to make WP sites safer and faster, and help you grow your traffic.
https://jetpack.com/
Other
1.59k stars 800 forks source link

Invalid Security Token when leaving comments on site #34466

Closed kelasante closed 10 months ago

kelasante commented 10 months ago

Impacted plugin

Jetpack

Quick summary

A user in 7408736-zen says site visitors get an error "Invalid Security Token" when leaving comments on blog posts.

Markup 2023-12-05 at 15 34 02

They are currently using Jetpack comments. Since then, there have been reports from other users with the same error in 7409490-zen and 7409401-zen

Steps to reproduce

  1. Comment on a post on atomic site with comments enabled.
  2. There is an "Invalid security token." error

A clear and concise description of what you expected to happen.

Being able to comment

What actually happened

Error message when commenting. Deactivating Jetpack Comment module and reactivating seems to sometimes help users who are logged into their accounts to comment. However, the issue persists for users commenting with name/email.

Workaround is deactivating the Jetpack comment module.

Impact

Some (< 50%)

Available workarounds?

Yes, easy to implement

Platform (Simple and/or Atomic)

Atomic

Logs or notes

No response

github-actions[bot] commented 10 months ago

Support References

This comment is automatically generated. Please do not edit it.

anomiex commented 10 months ago

According to https://github.com/Automattic/jpop-issues/issues/8729#issuecomment-1841767306, this was caused by D130728-code which was reverted in D131029-code.