"ForbiddenError: invalid csrf token" On Fresh Install



  • Using nodejs v0.10.37, redis 3.0.0, and nodebb 0.6.1 through a nginx proxy. I've run npm up, cleared nginx cache and restarted it.

    6/5 20:50 [3348] - error: /login
    ForbiddenError: invalid csrf token
    at verifytoken (/home/overlawled/nodebb/node_modules/csurf/index.js:268:11)
    at csrf (/home/overlawled/nodebb/node_modules/csurf/index.js:96:7)
    at Layer.handle [as handle_request] (/home/overlawled/nodebb/node_modules/express/lib/router/layer.js:82:5)
    at next (/home/overlawled/nodebb/node_modules/express/lib/router/route.js:110:13)
    at Route.dispatch (/home/overlawled/nodebb/node_modules/express/lib/router/route.js:91:3)
    at Layer.handle [as handle_request] (/home/overlawled/nodebb/node_modules/express/lib/router/layer.js:82:5)
    at /home/overlawled/nodebb/node_modules/express/lib/router/index.js:267:22
    at Function.proto.process_params (/home/overlawled/nodebb/node_modules/express/lib/router/index.js:321:12)
    at next (/home/overlawled/nodebb/node_modules/express/lib/router/index.js:261:10)
    at Function.proto.handle (/home/overlawled/nodebb/node_modules/express/lib/router/index.js:166:3)


  • Admin

    Can you post result of

    npm ls nodebb-theme-vanilla
    npm ls nodebb-theme-lavender
    

    Thanks :)



  • nodebb@0.6.1 /home/overlawled/nodebb
    └── nodebb-theme-vanilla@0.2.36

    nodebb@0.6.1 /home/overlawled/nodebb
    └── nodebb-theme-lavender@0.2.13


  • Admin

    Hey @overlawled nice to see you switching to NodeBB :D

    I can't reproduce that right now, running v0.6.x and those theme versions... do you see any errors in the browser console when navigating to the login page?



  • I do!

    Uncaught SyntaxError: Unexpected token &
    nodebb.min.js?0eb3d036:14

    Uncaught TypeError: Cannot read property 'maxReconnectionAttempts' of undefined
    socketIOConnect @ nodebb.min.js?1431043735683:18915
    (anonymous function) @ nodebb.min.js?1431043735683:19495
    (anonymous function) @ nodebb.min.js?1431043735683:19509

    Uncaught TypeError: Cannot read property 'loggedIn' of undefined
    (anonymous function) @ nodebb.min.js?1431043735683:19260
    jQuery.Callbacks.fire @ nodebb.min.js?1431043735683:3087
    jQuery.Callbacks.self.fireWith @ nodebb.min.js?1431043735683:3199
    jQuery.extend.ready @ nodebb.min.js?1431043735683:433
    completed @ nodebb.min.js?1431043735683:104


  • Admin

    Really... and that's on a fresh install? Weird.

    Can you post a link to your forum so we can take a look, and run it in dev mode for now? (./nodebb dev)

    If you don't want to post it, PM it to @baris, @psychobunny, or myself :)




  • Plugin & Theme Dev

    You have problem with minification of the scripts.
    I can encounter this problem several times on day. Until I have found way how to fix it, it was a pain ;)

    Temporal solution

    1. Stop Nodebb
    2. Enter nodebb/public directory
    3. Delete src directory, - rm -rf src
    4. Checkout src directory - git checkout .
    5. Start Nodebb

  • Plugin & Theme Dev

    @julian I have found source of the issue.
    Minification script does not ignore hidden files, like .DS_Store.

    Reproduce

    Visit public/src folder, open several files, use finder on Mac. Check if you have .DS_Store files in subdirectories of public/src. Now when you restart NodeBB, minified script will be broken with different artefacts.

    Solution

    Minification script should include only *.js files.

    Temporal Solution 2 for Mac Users

    1. Enter public/src directory.
    2. Delete all .DS_STORE recursively - find . -name '*.DS_Store' -type f -delete

  • Admin

    @Nicolas Nice catch this should be fixed on master now.

    https://github.com/NodeBB/NodeBB/commits/master


  • Plugin & Theme Dev

    @baris nice! :+1:


  • GNU/Linux

    Good job guys. Hopefully the others that are having this issue will find this thread.



  • I got same error, and I am using centos system. Can you please help me how to solve the issue?

    Thank You!



  • What I did was, I installed the lobby app. Some feature are working but most them are not. Like when I tried to change the app setting in admin configuration, I got this Error.

    orbiddenError: invalid csrf token
    at verifytoken (/home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/node_modules/csurf/index.js:269:11)
    at Object.csrf [as handle] (/home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/node_modules/csurf/index.js:97:7)
    at next (/home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/lib/proto.js:174:15)
    at methodOverride (/home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/node_modules/method-override/index.js:79:5)
    at /home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/lib/middleware/methodOverride.js:41:7
    at methodOverride (/home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/node_modules/method-override/index.js:79:5)
    at Object.handle (/home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/lib/middleware/methodOverride.js:39:5)
    at next (/home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/lib/proto.js:174:15)
    at /home/maycel.casilag/Lobby-App-master/node_modules/express/node_modules/connect/node_modules/express-session/index.js:433:7
    at /home/maycel.casilag/Lobby-App-master/sqlite-store.js:65:15

    Please help me because I'm stuck.

    Thank You!
    POST /docusign_test 403 19.811 ms - -


Log in to reply
 


Looks like your connection to NodeBB was lost, please wait while we try to reconnect.