[Spacewalk-list] SP 2.3: Update user details issue
Lichtinger, Bernhard
Bernhard.Lichtinger at lrz.de
Wed May 13 14:14:46 UTC 2015
Hi Grant,
>
> Well, that's a hint, at least. When I can get my hands on Windows again, I'll see if I can reproduce that way.
>
>> Is it perhaps possible that there is some javascript which triggers a change
>> of the csrf_token after the HTML is sent to the browser? Depending on the
>> timing of the browser-engine?
>
> The rhn:csrf tag is filled in server-side as part of the server preparing the HTML to be sent to the client, it's not something that gets touched client-side.
>
> I can't imagine that IE's dev-tools are magically changing things - but it sure does feel like that. Ugh.
To be clear: IE produces everytime the error, with or without dev-tools running.
Safari on Mac has different behavior with dev-tools running than without.
>
>> As a side note: Some forms contain the csrf_token twice (with the same value)
>> in the POST data, but this is the case with every browser, so I don’t think
>> this is a problem at all.
>
> Yeah, I recall fixing a few JSPs that had the tag in two places - clearly, I didn't find them all. It's not harmful, just...untidy.
>
> If you keep poking at this, let me know what you find; I'll do the same.
I will do some more poking next week.
>
> In the meantime, 'turn off dev-tools, or use a browser that doesn't hate all of us' is my suggested workaround :)
It is all about my collegues' „bad habits“ to use a broken browser ;)
Regards,
Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5031 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20150513/bab4ddea/attachment.p7s>
More information about the Spacewalk-list
mailing list