Login session error popup loop
-
@mattdjuk I've had this exact same issue with Chrome. Does it still happen if you clear the cache completely, or if you press F12, then select the Network tab and select "Disable cache" (as shown below) and then reload the page ?
-
Tried both in the config - with and without a trailing slash, e.g.
url": "http://forum.*******.co.uk"
and
url": "http://forum.*******.co.uk/"
Makes no difference
-
@mattdjuk Thanks. For clarity, the trailing backslash should not be there. Does the site function as desired when using Edge with no issues from the user perspective ? Does anything appear in the logs when the CSRF error is being generated ?
-
@phenomlab I tried both, but its currently without the /
Edge works fine. I can use the site without issue. Its just Chrome.
The only thing I can see in the admin logs on /admin is this
022-05-24T15:16:43.080Z [4567/165874] - [31merror[39m: POST /logout
invalid csrf tokenin the inspect tools in Chrome I see...
nodebb.min.js?v=eau0luijpea:2 POST https://forum.**********.co.uk/logout 403 (Forbidden)
-
@mattdjuk Just checked. This is exactly the same issue I encountered in this post
https://sudonix.com/topic/249/invalid-csrf-on-dev-install?_=1653382858005
When you tried this the first time, are you sure you selected the right database ?
-
@phenomlab I've just run this again. The first refresh, I actually got the screen without the session warning, but then the next time I refreshed, it was back.
Same error in the logs, and everything working fine in Edge.
-
I've just noticed this in when I run the site as dev...
info: NodeBB is now listening on: 0.0.0.0:4567
In the Nginx config, it has
proxy_pass http://127.0.0.1:4567
Any connection do you think?
-
I've now set up a completely fresh install on another VM. I have removed the domain for now and I'm running it on the IP address only and its not having similar issues. Once the dns resolves to the new location, I'll try and get it working with the domain.
-
@mattdjuk Unfortunately the problem remains - a constant loop of session error warning messages. This is across all browsers - I did originally believe Edge was unaffected.
I've tried clearing cache
I've run though the list of things in this thread
I've rebuild completely on a new VMNone of these things resolve this problem.
Further, I have now removed the SSL and am accessing it on http. I no longer see the session error message on a loop, but I am unable to login, getting...
http://forum.************.co.uk/login?error=csrf-invalid
Does anyone have any suggestions that I haven't tried? This is running on V2.0