Closed lnielsen closed 2 years ago
Package version (if known):
It's not possible to select and upload multiple files. Selecting and uploading one file at a time works.
https://user-images.githubusercontent.com/1698163/144724386-2de37df3-5992-465c-a217-f566110e9a03.mov
Server log
127.0.0.1 - - [04/Dec/2021 21:59:54] "POST /api/records HTTP/1.1" 201 - 127.0.0.1 - - [04/Dec/2021 21:59:54] "POST /api/records/eedh6-nmt78/draft/files HTTP/1.1" 201 - 127.0.0.1 - - [04/Dec/2021 21:59:54] "POST /api/records/eedh6-nmt78/draft/files HTTP/1.1" 201 - 127.0.0.1 - - [04/Dec/2021 21:59:54] "PUT /api/records/eedh6-nmt78/draft/files/IMG_6556.jpeg/content HTTP/1.1" 400 - 127.0.0.1 - - [04/Dec/2021 21:59:54] "PUT /api/records/eedh6-nmt78/draft/files/IMG_6555.jpeg/content HTTP/1.1" 400 - 127.0.0.1 - - [04/Dec/2021 21:59:54] "DELETE /api/records/eedh6-nmt78/draft/files/IMG_6556.jpeg HTTP/1.1" 400 - 127.0.0.1 - - [04/Dec/2021 21:59:54] "DELETE /api/records/eedh6-nmt78/draft/files/IMG_6555.jpeg HTTP/1.1" 400 -
HTTP Request for a good file upload:
PUT /api/records/eedh6-nmt78/draft/files/IMG_6555.jpeg/content HTTP/1.1 Content-Type: application/octet-stream Accept: application/json, text/plain, */* Accept-Language: en-us Accept-Encoding: gzip, deflate, br Host: 127.0.0.1:5000 Origin: https://127.0.0.1:5000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15 Connection: keep-alive Referer: https://127.0.0.1:5000/uploads/eedh6-nmt78 Content-Length: 83833 Cookie: csrftoken=eyJhbGciOiJIUzUxMiIsImlhdCI6MTYzODY1MjIzNiwiZXhwIjoxNjM4NjU1ODM2fQ.IjJPd1loWlJpR2FmRXpQbllrYWNmQXM5TTdEcU95WTFDIg.rFlc7uLV-heuCJNmuwmb3nRahcggoFYnGFbwHrgVOSTp4lqVKhNYrDXPta9JnKpAttFlcArWUCoWraHqZkhO_w; session=6e5e80d4a27ecc64_61aba8a0.Yh-rwJHAzUZ0t8K8yUjPpZTWv9I X-CSRFToken: eyJhbGciOiJIUzUxMiIsImlhdCI6MTYzODY1MjIzNiwiZXhwIjoxNjM4NjU1ODM2fQ.IjJPd1loWlJpR2FmRXpQbllrYWNmQXM5TTdEcU95WTFDIg.rFlc7uLV-heuCJNmuwmb3nRahcggoFYnGFbwHrgVOSTp4lqVKhNYrDXPta9JnKpAttFlcArWUCoWraHqZkhO_w
HTTP Request for a bad file upload:
PUT /api/records/eedh6-nmt78/draft/files/IMG_6555.jpeg/content HTTP/1.1 Content-Type: application/octet-stream Accept: application/json, text/plain, */* Accept-Language: en-us Accept-Encoding: gzip, deflate, br Host: 127.0.0.1:5000 Origin: https://127.0.0.1:5000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15 Connection: keep-alive Referer: https://127.0.0.1:5000/uploads/eedh6-nmt78 Content-Length: 83833 Cookie: csrftoken=eyJhbGciOiJIUzUxMiIsImlhdCI6MTYzODY1MjE5MSwiZXhwIjoxNjM4NjU1NzkxfQ.IndBOWV2M3FrS2hCU0JUeHRYUndheWxEZ2oySE9PV1dKIg.OOJmzyCsLs49DNSU94pOR1Tu6HrMyHk2Ep05yKz3SZHC-gTSENoWcw5olUWj6UD7KdYPmrhfqlEBS8JNxAKp1Q; session=6e5e80d4a27ecc64_61aba8a0.Yh-rwJHAzUZ0t8K8yUjPpZTWv9I X-CSRFToken: eyJhbGciOiJIUzUxMiIsImlhdCI6MTYzODY1MjE5MSwiZXhwIjoxNjM4NjU1NzkxfQ.InI4M0FuV3B6bUw1eThxcVFqMTQ4N3BqRzdIWHpzRnFiIg.6wwEFNiJ7npLUKoaGjIWuBvKD1Oq8vWb_LwvGiO-jzRJConxWb3N2491LeDQVh5XfPo2DwZYnV4Y-ZznNmA4TA
Response to bad request:
HTTP/1.1 400 BAD REQUEST Content-Type: application/json Content-Security-Policy: default-src 'self' data: 'unsafe-inline' blob: 'unsafe-inline' Set-Cookie: csrftoken=eyJhbGciOiJIUzUxMiIsImlhdCI6MTYzODY1MTkyMiwiZXhwIjoxNjM4NjU1NTIyfQ.Ing4UnMwdVRzRFJHZTg3QTl5YktNMEVUUWZMMm94SmQ4Ig.IfvQjFj6tu8pQJjFych8Jfn3QxIjbhyq9xcdsOIXno85DVBeRb-vTxIYOXjiAR5He8cVCmQKf2y4FUoDtyQ9AQ; Expires=Sat, 03 Dec 2022 21:05:22 GMT; Max-Age=31449600; Secure; Path=/; SameSite=Lax X-XSS-Protection: 1; mode=block Referrer-Policy: strict-origin-when-cross-origin Date: Sat, 04 Dec 2021 21:05:22 GMT Content-Length: 70 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin X-User-ID: 2 X-Session-ID: 6e5e80d4a27ecc64_61aba8a0 Server: Werkzeug/2.0.2 Python/3.8.9 Permissions-Policy: interest-cohort=() Strict-Transport-Security: max-age=31556926; includeSubDomains { "message": "CSRF token missing or incorrect.", "status": 400 }
Due to the CSRF token being regenerated on every request. Moving issue to Invenio-REST
Package version (if known):
Describe the bug
It's not possible to select and upload multiple files. Selecting and uploading one file at a time works.
Screenshots (if applicable)
https://user-images.githubusercontent.com/1698163/144724386-2de37df3-5992-465c-a217-f566110e9a03.mov
Additional context
Server log
HTTP Request for a good file upload:
HTTP Request for a bad file upload:
Response to bad request: