freddyrpina
commented
7 years ago What happened with a different systematic reroute. Access node.js:468:13 system.
Open mattdigitalme opened 7 years ago
freddyrpina
commented
7 years ago What happened with a different systematic reroute. Access node.js:468:13 system.
mhawksey
commented
7 years ago Encountering the same error when issuing a badge via a Google Site gadget (not just IE but Chrome). To replicate visit https://sites.google.com/a/hawksey.info/sandbox/mozilla-open-badges-issuer-example?key=1d4o9u2o0dxfaOwFp17dcpes4vhPrAvF3pvUYNumEJcc&uid=73cd236f-6642-4db9-8833-5769341b922c
[background to this issuing option written up here ]
auralon
commented
7 years ago Hi @mhawksey, after reading your write up, the first thing I notice is that you're using v1.0.0 spec for OpenBadge assertions. The Backpack currently only supports 0.5.0. This is something we are looking to address. However, for now those assertions are not compatible with the Backpack.
mhawksey
commented
7 years ago Hi @auralon - I've been able to version 1.0.0 badges ok e.g. https://altc.alt.ac.uk/badges/api/badge/assertion/?uid=16-1474279998-419 is here https://backpack.openbadges.org./share/eca6e328b1e9da2fd2276297fa0d6d19/ (appreciate assertion is hosted somewhere different but just to show v1.0.0 badges are handled ok with the issuer.
auralon
commented
7 years ago Hmmm... I expect that would be because the assertion also validates as v0.5.0 in those cases. I'd need to run some more tests though. Previous tests with v1.0.0 have failed (as expected). The Backpack currently only validates assertions to v0.5.0.
jkrisa
commented
7 years ago Just wanted to see if there was any progress on this error. This error occurs every time for us when pushing a badge using IE 11 only. Pushing badges using Firefox, Chrome and Edge work without any issues.
ForbiddenError: invalid csrf token at Object.csrf [as handle] (/app/node_modules/csurf/index.js:112:19) at next_layer (/app/node_modules/express/lib/router/route.js:103:13) at /app/node_modules/body-parser/lib/read.js:129:5 at invokeCallback (/app/node_modules/body-parser/node_modules/raw-body/index.js:262:16) at done (/app/node_modules/body-parser/node_modules/raw-body/index.js:251:7) at IncomingMessage.onEnd (/app/node_modules/body-parser/node_modules/raw-body/index.js:307:7) at IncomingMessage.emit (events.js:92:17) at _stream_readable.js:944:16 at process._tickCallback (node.js:458:13)
jessemorton
commented
6 years ago Has anyone been successful with some sort of workaround? Historically I've just advised people to revisit the same page in a different browser to claim the badge, but that's pretty unfortunate UX.
Hey @auralon We've seen this come through a couple of time:
ForbiddenError: invalid csrf token at csrf (/app/node_modules/csurf/index.js:112:19) at Layer.handle [as handle_request] (/app/node_modules/express/ node_modules/router/lib/layer.js:93:5) at next (/app/node_modules/express/node_modules/router/lib/route. js:138:13) at /app/node_modules/body-parser/lib/read.js:129:5 at invokeCallback (/app/node_modules/body-parser/node_modules/raw-body/ index.js:262:16) at done (/app/node_modules/body-parser/node_modules/raw-body/ index.js:251:7) at IncomingMessage.onEnd (/app/node_modules/body- parser/node_modules/raw-body/index.js:307:7) at IncomingMessage.emit (events.js:92:17) at _stream_readable.js:944:16 at process._tickCallback (node.js:458:13)
On occasion fixed with a clear cache - sometimes not though. More often than not its happening on IE, but again not exclusively.
Thoughts?