FAI-CIVL / FAI-Airscore

AirScore - online paragliding / hanggliding GAP-based scoring software.
https://airscore.cc/
GNU General Public License v3.0

Import FSDB, get expired CSRF token error. #204

Open philderbeast opened 3 years ago

philderbeast commented 3 years ago

On importing an *.fsdb (Dalby 2017) I'm seeing this error on the flare_timing_yaml branch at 5f9441f54fc0b5965bb4af36d4b0a24e5fd607ee:

Bad Request The CSRF token has expired.

POST http://localhost:5000/users/_import_comp_fsdb/ 400 (BAD REQUEST)

philderbeast commented 3 years ago

Updating this branch to 1152378aabeb6e6459edff6f7333a3e7edf62acb, the problem is not reproducible.

kuaka commented 3 years ago

All this means is that you left a long time (hours) between loading the page and then making the next request (in this case importing fsdb). The Cross-site request forgery token issued has a time limit.

kuaka commented 3 years ago

I have confirmed that we use the default of 1 hour for CSRF token expiry on our forms. Closing as this is a feature, not a bug.

philderbeast commented 3 years ago

> All this means is that you left a long time (hours) between loading the page and then making the next request (in this case importing fsdb). The Cross-site request forgery token issued has a time limit.

I clearly remember refreshing the page and still getting the expired token, and doubt that an hour had elapsed. Moreover, this is another silent failure. A scorer using the software without the browser devtools open is not going to see the failing POST. They'll instead see the spinner that goes on forever.

kuaka commented 3 years ago

OK, I understand now. I thought you got back the standard page with "Bad Request The CSRF token has expired." text. I guess this is not appearing as the fsdb file is being sent outside of WTF forms with ajax. We will need to capture these errors and feed them back to the user.
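
The error capture described in the last comment, sketched as an added example that is not AirScore's code: the AJAX import checks the response status, turns the 400 CSRF response into a message for the scorer, and always stops the spinner. The endpoint path comes from the issue; the `ui` callbacks, the `fsdb_file` field name and the way the token reaches the `X-CSRFToken` header are assumptions.

```javascript
// Added example, not AirScore code. `ui` and the form field name are hypothetical.

// Map an HTTP status and response body to something the scorer can act on.
// Tag stripping is only for readability: render `message` with textContent, never innerHTML.
function describeImportFailure(status, bodyText) {
  const text = String(bodyText || '').replace(/<[^>]*>/g, ' ').replace(/\s+/g, ' ').trim();
  if (status === 400 && /csrf/i.test(text)) {
    return { kind: 'csrf', reload: true,
             message: 'Your session token has expired. Reload the page and import the file again.' };
  }
  if (status >= 500) {
    return { kind: 'server', reload: false, message: `Import failed on the server (HTTP ${status}).` };
  }
  return { kind: 'rejected', reload: false,
           message: `Import rejected (HTTP ${status})` + (text ? `: ${text.slice(0, 200)}` : '.') };
}

// Send the file; every outcome ends with the spinner hidden and, on failure, a visible error.
async function importFsdb(file, ui, fetchImpl = fetch) {
  ui.showSpinner();
  try {
    const body = new FormData();
    body.append('fsdb_file', file); // assumed field name
    const resp = await fetchImpl('/users/_import_comp_fsdb/', {
      method: 'POST',
      body,
      headers: { 'X-CSRFToken': ui.csrfToken() }, // token rendered into the page by the server
      credentials: 'same-origin',
    });
    if (!resp.ok) {
      const failure = describeImportFailure(resp.status, await resp.text());
      ui.showError(failure.message, failure.reload);
      return failure;
    }
    return { kind: 'ok', data: await resp.json() };
  } catch (err) {
    // Network failure or a non-JSON success body: still surface it.
    const failure = { kind: 'network', reload: false, message: `Import failed: ${err.message}` };
    ui.showError(failure.message, false);
    return failure;
  } finally {
    ui.hideSpinner();
  }
}
```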