Closed
Bug 616323
Opened 14 years ago
Closed 13 years ago
Provide more helpful error message on CSRF errors
Categories
(Input :: General, enhancement, P3)
Tracking
(Not tracked)
VERIFIED
FIXED
3.1
People
(Reporter: wenzel, Assigned: wenzel)
References
Details
Currently, CSRF protection errors lead to an ugly, not very helpful error message. Since these are mostly caused by people messing with their cookie settings, we should probably provide a helpful error message, asking them to a) turn on cookies and b) disable any add-ons that keep them from accepting cookies.
|
||
Updated•14 years ago
|
Priority: -- → P3
Target Milestone: --- → 3.1
|
Assignee | |
Comment 1•13 years ago
|
||
I added a CSRF error page, shortly explaining the problem and pointing to SUMO. http://github.com/fwenzel/reporter/commit/d9ad078 To reproduce, please open a feedback page, then using firebug, mangle or remove the hidden <input name="csrfmiddlewaretoken"...> field from the DOM before submitting it. Or mangle the CSRF token using TamperData or the like before sending it to the server. Aakash, feel free to proofread the error page text and tell me if you want it changed.
|
|
Assignee | |
Updated•13 years ago
|
Assignee: nobody → fwenzel
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Updated•13 years ago
|
Component: Input → General
Product: Webtools → Input
You need to log in
before you can comment on or make changes to this bug.
Description
•