View Issue Details

IDProjectCategoryView StatusLast Update
0004139SOGoWeb Generalpublic2021-02-25 00:22
Reporterskrupellos Assigned Tofrancis  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version3.2.8 
Fixed in Version4.0.0 
Summary0004139: Changing password leads to XSRF validation fails
Description

After a user changes their password via the web interface and logs in again, "Request failed" messages appear in the top right corner, if XSRF validation is enabled.

Steps To Reproduce

1) sogo.conf
SOGoPasswordChangeEnabled = "YES";
SOGoXSRFValidationEnabled = "YES";

2) Go to your user preferences -> General -> Password

3) Change your password

4) Logout

5) Login

Additional Information

This is cause since there are now two XSRF-TOKEN in the cookies file. After deleting the first XSRF-TOKEN cookie, everything works again.

TagsNo tags attached.

Activities

Kyoshiro-san

Kyoshiro-san

2017-09-12 10:09

reporter   ~0012287

Hello,

I'm having the exact same problem everytime I change password.
The authentication backend is a LDAP server.

Cheers

Related Changesets

sogo: master 789398bd

2017-09-19 09:44:37

francis

Details Diff
(web) Fix XSRF cookie path when changing password

Fixes 0004139
Affected Issues
0004139
mod - NEWS Diff File
mod - UI/MainUI/SOGoRootPage.m Diff File

Issue History

Date Modified Username Field Change
2017-04-09 12:35 skrupellos New Issue
2017-09-12 10:09 Kyoshiro-san Note Added: 0012287
2017-09-19 09:45 francis Changeset attached => sogo master 789398bd
2017-09-19 09:45 francis Assigned To => francis
2017-09-19 09:45 francis Resolution open => fixed
2017-09-19 09:45 francis Status new => resolved
2017-09-19 09:45 francis Fixed in Version => 4.0.0