PennyDreadfulMTG / perf-reports


500 error at /authenticate/callback/ #42669

Closed vorpal-buildbot closed 5 years ago

vorpal-buildbot commented 5 years ago

(mismatching_state) CSRF Warning! State not equal in request and response.

Reported on decksite by adna

            --------------------------------------------------------------------------------
            Request Method: GET
            Path: /authenticate/callback/?state=L6OTozTTvqUjhsHMuFNrzC4GlH4N92&code=NY2S85HFh9R8EHGDqh3uD7cuTtZi5K
            Cookies: {'__cfduid': 'd9899b9cb8f249b7b861915e64ee4f9a31548471597', '_ga': 'GA1.2.1012176152.1548471599', 'session': '.eJx9UV1PgzAU_S_3mRgYhdE9Tufc1mmMk2waQzooHxNa0g8zsuy_W0iUBxMfz7mn59x7eoGkZbKhnHENMy0Nc4BmTcVhltNaWZSxpmpENuJKpUJmSWUpQC7CfuRNMfZR5KGJF4ED_0x4UpiqHs1qkdKaWfmJQo-KgmX9QkrwIWDi-4EDjS5EYhSTnDa9mGa8lwtqdDlJlKZ6sMiReSPHjVoReb9_jnf7fXyadkuSlmJNRr0Wn8yedwGapkypHwzh63Qeo5eA6IY8LKKlDncEe6virn5qjW_fs3NbSaYSapvyAoRd7GHs3URR4IYYjfO-vNBFkes6IFluqfI3hM237ReOj-cD3S7EhnYnQ_WjJrfNWhxKG2LLbe0177ZF-yVV3llu6EzBhwODTaK7XgJzRiWTcHXgT2OayoLZNbmp6-s3x4mbNA.DzxN2g.kQEQxMcdB4dw-tVhHNli1BJv8ws', '_gid': 'GA1.2.906406599.1549450331'}
            Endpoint: authenticate_callback
            View Args: {}
            Person: 404938179934814218
            Referrer: https://discordapp.com/oauth2/authorize?response_type=code&client_id=338056190779195392&redirect_uri=https%3A%2F%2Fpennydreadfulmagic.com%2Fauthenticate%2Fcallback%2F&scope=identify+guilds&state=L6OTozTTvqUjhsHMuFNrzC4GlH4N92
            Request Data: {}
Host: pennydreadfulmagic.com
Accept-Encoding: gzip
Cf-Ipcountry: JP
X-Forwarded-For: 220.7.34.188, 103.22.200.74
Cf-Ray: 4a4d17abf9ce6eed-NRT
X-Forwarded-Proto: https
Cf-Visitor: {"scheme":"https"}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: ja,en-US;q=0.7,en;q=0.3
Referer: https://discordapp.com/oauth2/authorize?response_type=code&client_id=338056190779195392&redirect_uri=https%3A%2F%2Fpennydreadfulmagic.com%2Fauthenticate%2Fcallback%2F&scope=identify+guilds&state=L6OTozTTvqUjhsHMuFNrzC4GlH4N92
Upgrade-Insecure-Requests: 1
Cookie: __cfduid=d9899b9cb8f249b7b861915e64ee4f9a31548471597; _ga=GA1.2.1012176152.1548471599; session=.eJx9UV1PgzAU_S_3mRgYhdE9Tufc1mmMk2waQzooHxNa0g8zsuy_W0iUBxMfz7mn59x7eoGkZbKhnHENMy0Nc4BmTcVhltNaWZSxpmpENuJKpUJmSWUpQC7CfuRNMfZR5KGJF4ED_0x4UpiqHs1qkdKaWfmJQo-KgmX9QkrwIWDi-4EDjS5EYhSTnDa9mGa8lwtqdDlJlKZ6sMiReSPHjVoReb9_jnf7fXyadkuSlmJNRr0Wn8yedwGapkypHwzh63Qeo5eA6IY8LKKlDncEe6virn5qjW_fs3NbSaYSapvyAoRd7GHs3URR4IYYjfO-vNBFkes6IFluqfI3hM237ReOj-cD3S7EhnYnQ_WjJrfNWhxKG2LLbe0177ZF-yVV3llu6EzBhwODTaK7XgJzRiWTcHXgT2OayoLZNbmp6-s3x4mbNA.DzxN2g.kQEQxMcdB4dw-tVhHNli1BJv8ws; _gid=GA1.2.906406599.1549450331
Cf-Connecting-Ip: 220.7.34.188
Cdn-Loop: cloudflare
X-Forwarded-Host: pennydreadfulmagic.com
X-Forwarded-Server: pennydreadfulmagic.com
Connection: Keep-Alive

MismatchingStateError (mismatching_state) CSRF Warning! State not equal in request and response. Stack Trace:

  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2309, in __call__
    return self.wsgi_app(environ, start_response)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2295, in wsgi_app
    response = self.handle_exception(e)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
    raise value
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "./shared_web/flask_app.py", line 97, in authenticate_callback
    oauth.setup_session(request.url)
  File "./shared_web/oauth.py", line 27, in setup_session
    authorization_response=url)
  File "/home/discord/.local/lib/python3.6/site-packages/requests_oauthlib/oauth2_session.py", line 208, in fetch_token
    state=self._state)
  File "/home/discord/.local/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/clients/web_application.py", line 203, in parse_request_uri_response
    response = parse_authorization_code_response(uri, state=state)
  File "/home/discord/.local/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 271, in parse_authorization_code_response
    raise MismatchingStateError()

Exception_hash: b1e0b4491d6eb60c6eb30b28b4d0eb6e0ee0982e

vorpal-buildbot commented 5 years ago

500 error at /authenticate/callback/

(mismatching_state) CSRF Warning! State not equal in request and response.

Reported on decksite by bakert99

            --------------------------------------------------------------------------------
            Request Method: GET
            Path: /authenticate/callback/?state=L6OTozTTvqUjhsHMuFNrzC4GlH4N92&code=RTNFpV8GHAiexC7n2hFFEsT4VdrSLr
            Cookies: {'__cfduid': 'dbbaeaf004b46114da480ca1ea67b1fe41519487476', 'hide_intro': 'True', '_ga': 'GA1.2.336853490.1519750417', 'session': '.eJx1kNtuwjAQRP9ln6PKTpxAeGvpDQqiVxCtqsiNN8bCuch2Wiji3-sgUaRKfZyd2R377CBr0JS8wsrBwJkWA-CiVNVRCGXz2ohMCRgATeOEsZT2SJ8yRsIkhgD-d3Sdc43exeqgpETR1dm6OtyjLAqgdLLOWoum4mWX_eBrNC5N_UbNW7cKM-u465wmvp7fr75H00cqeKhuinEyuzyPWjXXxbw85V299oWDHfA8R2uPGoSdbtjLWGrFGjV5kKPnoS0mS_IaueXC-H3cNMqgzbhHQeMwpmGapNEZSdJe1Kcnv6OTENYnJACDhR-tfkvC5OnudjIbkofPq5EsvsajHInuLejMyM3Ql3icjf_Nm-fmmati62eyVVpYeA_gcCZz2y4CF8gNGtgH8Bea40aif2XVar3_Abpoj4o.Dzx_xQ.zpqyginyEi6W9gwuuBzNW5bgYLk', '_gid': 'GA1.2.1940173015.1548094837', 'deck_id': '36493'}
            Endpoint: authenticate_callback
            View Args: {}
            Person: 195644917081440265
            Referrer: https://discordapp.com/oauth2/authorize?response_type=code&client_id=338056190779195392&redirect_uri=https%3A%2F%2Fpennydreadfulmagic.com%2Fauthenticate%2Fcallback%2F&scope=identify+guilds&state=L6OTozTTvqUjhsHMuFNrzC4GlH4N92
            Request Data: {}
Host: pennydreadfulmagic.com
Accept-Encoding: gzip
Cf-Ipcountry: US
X-Forwarded-For: 136.25.151.171, 172.69.22.52
Cf-Ray: 4a4e5a640c576c10-SJC
X-Forwarded-Proto: https
Cf-Visitor: {"scheme":"https"}
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://discordapp.com/oauth2/authorize?response_type=code&client_id=338056190779195392&redirect_uri=https%3A%2F%2Fpennydreadfulmagic.com%2Fauthenticate%2Fcallback%2F&scope=identify+guilds&state=L6OTozTTvqUjhsHMuFNrzC4GlH4N92
Accept-Language: en-US,en;q=0.9,es;q=0.8
Cookie: __cfduid=dbbaeaf004b46114da480ca1ea67b1fe41519487476; hide_intro=True; _ga=GA1.2.336853490.1519750417; session=.eJx1UMtuwjAQ_Jc9R5WdOIFwa-krFETpA0SrKnLjjbEwSWQ7LRTx73WQWqRKPc7OzM7u7IGLjapg4EyLAQhli9qIXAkYAE3jhLGU9kifMkbCJIYA_md0XXCNnsXqiKREkTdobF0d91EWBbBxss5bi6bim077ztdoXJp6R81btwpz67jrmCa-nt-vvrLJAxU8VDflKJlenketmutyvjnpXb32gYM98KJAa38wCDvZsueR1Io1ajyT2dPQluMleYnccmG8H7eNMmhz7vxtcRjTME3S6IwkaS_q0xPftZMQ1ickAIOlH61-Q8Lk8e52PB2S2cdVJsvPUVYg0b0FnRq5HfoQX2fjv3n1vWHlVLnzM9kqLSy8BXBck7tdJ4EL5AYNHAL4W5rjRqK_smq1PnwDU6SI9w.Dfj1kQ.6zIYF2Bw9YqqBtAVtkhDIFSf-AA; _gid=GA1.2.1940173015.1548094837; deck_id=36493; session=.eJx1kNtuwjAQRP9ln6PKTpxAeGvpDQqiVxCtqsiNN8bCuch2Wiji3-sgUaRKfZyd2R377CBr0JS8wsrBwJkWA-CiVNVRCGXz2ohMCRgATeOEsZT2SJ8yRsIkhgD-d3Sdc43exeqgpETR1dm6OtyjLAqgdLLOWoum4mWX_eBrNC5N_UbNW7cKM-u465wmvp7fr75H00cqeKhuinEyuzyPWjXXxbw85V299oWDHfA8R2uPGoSdbtjLWGrFGjV5kKPnoS0mS_IaueXC-H3cNMqgzbhHQeMwpmGapNEZSdJe1Kcnv6OTENYnJACDhR-tfkvC5OnudjIbkofPq5EsvsajHInuLejMyM3Ql3icjf_Nm-fmmati62eyVVpYeA_gcCZz2y4CF8gNGtgH8Bea40aif2XVar3_Abpoj4o.Dzx_xQ.zpqyginyEi6W9gwuuBzNW5bgYLk
Cf-Connecting-Ip: 136.25.151.171
Cdn-Loop: cloudflare
X-Forwarded-Host: pennydreadfulmagic.com
X-Forwarded-Server: pennydreadfulmagic.com
Connection: Keep-Alive

MismatchingStateError (mismatching_state) CSRF Warning! State not equal in request and response. Stack Trace:

  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2309, in __call__
    return self.wsgi_app(environ, start_response)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2295, in wsgi_app
    response = self.handle_exception(e)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
    raise value
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "./shared_web/flask_app.py", line 97, in authenticate_callback
    oauth.setup_session(request.url)
  File "./shared_web/oauth.py", line 27, in setup_session
    authorization_response=url)
  File "/home/discord/.local/lib/python3.6/site-packages/requests_oauthlib/oauth2_session.py", line 208, in fetch_token
    state=self._state)
  File "/home/discord/.local/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/clients/web_application.py", line 203, in parse_request_uri_response
    response = parse_authorization_code_response(uri, state=state)
  File "/home/discord/.local/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 271, in parse_authorization_code_response
    raise MismatchingStateError()

Exception_hash: b1e0b4491d6eb60c6eb30b28b4d0eb6e0ee0982e

Labels: decksite; MismatchingStateError

vorpal-buildbot commented 5 years ago

500 error at /authenticate/callback/

(mismatching_state) CSRF Warning! State not equal in request and response.

Reported on decksite by tidalslimshady


Request Data

```
Request Method: GET
Path: /authenticate/callback/?state=t0KHgEqfqJVMCD7oMIw5vajfbrnHET&code=5eeuGKWcBG5Kh7HxQC7vLG0U0X7lyJ
Cookies: {'__cfduid': 'd743ebfd29dbccfe3792e8230835e91bd1551782848', 'session': '.eJx9UctugzAQ_BefUQUYgsktSGmolFZNUtKXKuRiA06wobapkkb59y6RWg6Vepyd3dmd2RPKO64lVVxZNLW65w6iTAqFpiVtDCDGpZAtG7EwRatZLqCEAuLGXuD7OAjjyI8D30UO-odRedWLZhRr2qribDjBtOoiiX0ycZC0VZv3hmtFJQc1KxgMNEKamrIjKLW0t7WfG0vtwJcmnT0cnpos2-4if_6x2hdq_XmDH-Vyxb7GftvuOVg7IVoU3JgfjKJ4n22SRWdFP_N3i_fnxFt-RvNtlqUEezDPD53Q3OQUUvLCEAeRhwm5CjCJ4wiP_BDcxAXzroM0L6FU_y5ZX-sdDuMX756E6Ty73Ry3PJkl9fJARHoHSyDYDty8QoLwDlEORi95GfTmoItMbo9DC0o41Vyjs4P-ZGeprjicqfqmOX8DsuaZzA.D3BusA.3W9jLkX9zhsQlE8hkOTpUcvjrak'}
Endpoint: authenticate_callback
View Args: {}
Person: 480914223459729420
Referrer: https://discordapp.com/oauth2/authorize?response_type=code&client_id=338056190779195392&redirect_uri=https%3A%2F%2Fpennydreadfulmagic.com%2Fauthenticate%2Fcallback%2F&scope=identify+guilds&state=t0KHgEqfqJVMCD7oMIw5vajfbrnHET
Request Data: {}
Host: pennydreadfulmagic.com
Accept-Encoding: gzip
Cf-Ipcountry: CA
X-Forwarded-For: 67.22.75.202, 162.158.126.6
Cf-Ray: 4b92de554b30ca55-YUL
X-Forwarded-Proto: https
Cf-Visitor: {"scheme":"https"}
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://discordapp.com/oauth2/authorize?response_type=code&client_id=338056190779195392&redirect_uri=https%3A%2F%2Fpennydreadfulmagic.com%2Fauthenticate%2Fcallback%2F&scope=identify+guilds&state=t0KHgEqfqJVMCD7oMIw5vajfbrnHET
Accept-Language: en-US,en;q=0.9
Cookie: __cfduid=d743ebfd29dbccfe3792e8230835e91bd1551782848; session=.eJx9UctugzAQ_BefUQUYgsktSGmolFZNUtKXKuRiA06wobapkkb59y6RWg6Vepyd3dmd2RPKO64lVVxZNLW65w6iTAqFpiVtDCDGpZAtG7EwRatZLqCEAuLGXuD7OAjjyI8D30UO-odRedWLZhRr2qribDjBtOoiiX0ycZC0VZv3hmtFJQc1KxgMNEKamrIjKLW0t7WfG0vtwJcmnT0cnpos2-4if_6x2hdq_XmDH-Vyxb7GftvuOVg7IVoU3JgfjKJ4n22SRWdFP_N3i_fnxFt-RvNtlqUEezDPD53Q3OQUUvLCEAeRhwm5CjCJ4wiP_BDcxAXzroM0L6FU_y5ZX-sdDuMX756E6Ty73Ry3PJkl9fJARHoHSyDYDty8QoLwDlEORi95GfTmoItMbo9DC0o41Vyjs4P-ZGeprjicqfqmOX8DsuaZzA.D3BusA.3W9jLkX9zhsQlE8hkOTpUcvjrak
Cf-Connecting-Ip: 67.22.75.202
Cdn-Loop: cloudflare
X-Forwarded-Host: pennydreadfulmagic.com
X-Forwarded-Server: pennydreadfulmagic.com
Connection: Keep-Alive
```

MismatchingStateError (mismatching_state) CSRF Warning! State not equal in request and response. Stack Trace:

```Python traceback
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2309, in __call__
    return self.wsgi_app(environ, start_response)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2295, in wsgi_app
    response = self.handle_exception(e)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/discord/.local/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
    raise value
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/discord/.local/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "./shared_web/flask_app.py", line 97, in authenticate_callback
    oauth.setup_session(request.url)
  File "./shared_web/oauth.py", line 27, in setup_session
    authorization_response=url)
  File "/home/discord/.local/lib/python3.6/site-packages/requests_oauthlib/oauth2_session.py", line 208, in fetch_token
    state=self._state)
  File "/home/discord/.local/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/clients/web_application.py", line 203, in parse_request_uri_response
    response = parse_authorization_code_response(uri, state=state)
  File "/home/discord/.local/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 271, in parse_authorization_code_response
    raise MismatchingStateError()
```

Exception_hash: b1e0b4491d6eb60c6eb30b28b4d0eb6e0ee0982e

Labels: decksite; MismatchingStateError