Closed Bug 593953 Opened 14 years ago Closed 14 years ago

Trying to register on the Addons page results in an error message

Categories

(addons.mozilla.org Graveyard :: Administration, defect)

x86
Windows XP
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: nocibambi, Unassigned)

References

()

Details

User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:2.0b4) Gecko/20100818 Firefox/4.0b4 (.NET CLR 3.5.30729) Build Identifier: https://addons.mozilla.org/en-US/firefox/users/register The error message is: Forbidden (403) CSRF verification failed. Request aborted. More information is available with DEBUG=True. Reproducible: Always Steps to Reproduce: 1. clicking on the register button anywhere on the addons page 2. filling out the form and the captcha 3. clicking on 'register' button Actual Results: I've got the error message. Expected Results: To have been regsitered Asus M6, WinXP,
Is this a core bug? Or a bug with the page? That is, is this broken in all browsers, or just in a particular Firefox build?
I think it's related to the page (and maybe to my browser) I use firefox 4 beta 4 addons: ablock plus atomate and poyozo babelfish bynamite download statusbar feedback feedly java quick starter tab mix plus WOT
OK, moving to the right place then.
Component: General → Administration
Product: Core → addons.mozilla.org
QA Contact: general → administration
Are you sending the referrer header?
The pref in about:config is network.http.SendRefererHeader
it's set to status: user set, type: integer, value: 0 should I change it?
If you want to register on AMO, you need to send the referrer header. I'd guess one of your add-ons turned it off.
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → WORKSFORME
It was that, however I do not know what caused it. I disabled my extensions, but the setting did not change. After I turned it on manually I could normally register. Many thanks.
Status: RESOLVED → VERIFIED
Resolution: WORKSFORME → FIXED
We should have a more understandable error message if the referrer is required. It seems like we should allow registration as long as the referrer isn't some other site (allowing both AMO and missing referrers).
Status: VERIFIED → REOPENED
Ever confirmed: true
Resolution: FIXED → ---
Django requires the referrer for it's non-standard CSRF protection. I agree it's dumb. I don't know if we can adjust the message easily, but please file a new bug for it if you want to as it's a generic message for all forms on the site.
Status: REOPENED → RESOLVED
Closed: 14 years ago14 years ago
Resolution: --- → WORKSFORME
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.