Navigation

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Popular
    • Tags
    • Users
    • Groups
    1. Home
    2. genesisx
    G
    • Profile
    • Following 0
    • Followers 0
    • Topics 3
    • Posts 14
    • Best 0
    • Groups 0

    genesisx

    @genesisx

    0
    Reputation
    547
    Profile views
    14
    Posts
    0
    Followers
    0
    Following
    Joined Last Online

    genesisx Unfollow Follow

    Latest posts made by genesisx

    • RE: Excessive "invalid csrf token" on Login and Register

      @genesisx said in Excessive "invalid csrf token" on Login and Register:

      @baris Hi, users were seeing a "Forbidden" plain text page while log shows "invalid csrf token".

      Actually I think this could be the issue, I just reproduced the error with JavaScript turned off in Chrome...the "no script" warning template is not using translation syntax, which is something could be easily fixed.

      Thank you so much baris! I've been scratching my head to reproduce the issue, just didn't really come to me that someone would have js turned off in their browser...(and geez there are quite a lot of them)

      @baris not so easy I guess...some users with js turned on still seeing the "Forbidden" page upon registration, I will need to get a hold on someone who can reproduce the error and report on this. It's just so abnormally often that I start to suspect it could be GFW..

      posted in Bug Reports
      G
      genesisx
    • RE: Excessive "invalid csrf token" on Login and Register

      @hariom-vashisth thanks for reply, I will try your settings

      posted in Bug Reports
      G
      genesisx
    • RE: Excessive "invalid csrf token" on Login and Register

      @baris Hi, users were seeing a "Forbidden" plain text page while log shows "invalid csrf token".

      Actually I think this could be the issue, I just reproduced the error with JavaScript turned off in Chrome...the "no script" warning template is not using translation syntax, which is something could be easily fixed.

      Thank you so much baris! I've been scratching my head to reproduce the issue, just didn't really come to me that someone would have js turned off in their browser...(and geez there are quite a lot of them)

      posted in Bug Reports
      G
      genesisx
    • RE: Excessive "invalid csrf token" on Login and Register

      @phit Hi, thanks for reply, I've actually tried both, right now it is set to www.moefi.com, before it was blank, having errors in both case.

      posted in Bug Reports
      G
      genesisx
    • RE: Excessive "invalid csrf token" on Login and Register

      @yariplus The issue still presents after changing the settings...could you advice where I can put some print statement so that there will be more information to find the exact issue?

      23/6 10:11:20 [3644] - ^[[32minfo^[[39m: NodeBB is now listening on: 0.0.0.0:4567
      23/6 12:40:34 [3644] - ^[[31merror^[[39m: /login                              invalid csrf token
      23/6 12:40:43 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      23/6 12:40:54 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      23/6 12:41:01 [3644] - ^[[31merror^[[39m: /login                              invalid csrf token
      23/6 12:41:17 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      23/6 12:41:26 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      23/6 12:43:14 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token                                                          23/6 17:32:37 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token                                                          23/6 17:33:46 [3644] - ^[[31merror^[[39m: /login
      23/6 17:33:46 [3644] - ^[[31merror^[[39m: /login                              invalid csrf token
      23/6 17:34:09 [3644] - ^[[31merror^[[39m: /login                              invalid csrf token
      23/6 17:34:24 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      23/6 17:34:34 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      23/6 17:34:53 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      24/6 01:33:46 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      24/6 01:33:55 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      24/6 01:34:34 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      24/6 01:34:36 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      24/6 01:35:32 [3644] - ^[[31merror^[[39m: /login
       invalid csrf token
      24/6 05:42:10 [3644] - ^[[31merror^[[39m: /register
       invalid csrf token
      24/6 07:55:34 [3644] - ^[[31merror^[[39m: /register
       invalid csrf token
      24/6 09:27:22 [3644] - ^[[31merror^[[39m: /register
       invalid csrf token
      24/6 09:27:48 [3644] - ^[[31merror^[[39m: /register
       invalid csrf token
      24/6 09:35:00 [3644] - ^[[31merror^[[39m: /register
       invalid csrf token 
      
      posted in Bug Reports
      G
      genesisx
    • RE: Excessive "invalid csrf token" on Login and Register

      @yariplus thanks! I thought that is only referenced locally. I've changed to https and will see if it fix the issue.

      posted in Bug Reports
      G
      genesisx
    • Excessive "invalid csrf token" on Login and Register

      Hi, we have a forum instance running for Chinese users, 1 out of 4 users is having trouble registering or loginin, instead of seeing the red error prompt box on that page, they got redirected to a plain text page showing "Forbidden", even after cleaning their cookies, this happens on varies browsers including chrome, edge, ie, also some Chinese browser such as UC. I've searched through the forum and tried any config but no luck. Please give advice.
      Below are the setup and config files I have

      Ubuntu 16.10
      Nodebb version 1.5.1
      Mongodb 2.6.11
      Nginx 1.12.0

      Nginx config

      server {
          listen 80;
          server_name www.moefi.com;
      
          return 302 https://$server_name$request_uri;
      
      }
      
      ### the https server
      server {
          # listen on ssl, deliver with speedy if possible
          listen 443 ssl spdy;
      
          server_name www.moefi.com;
      
          # change these paths!
          ssl_certificate /etc/some.pem;
          ssl_certificate_key /etc/some.key;
      
          # enables all versions of TLS, but not SSLv2 or 3 which are weak and now
      deprecated.
          ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      
          # disables all weak ciphers
          ssl_ciphers 'AES128+EECDH:AES128+EDH';
      
          ssl_prefer_server_ciphers on;
      
          location / {
              proxy_set_header X-Real-IP $remote_addr;
              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
              proxy_set_header X-Forwarded-Proto $scheme;
              proxy_set_header Host $http_host;
              proxy_set_header X-NginX-Proxy true;
      
              proxy_pass http://127.0.0.1:4567;
              proxy_redirect off;
              
              # Socket.IO Support
              proxy_http_version 1.1;
              proxy_set_header Upgrade $http_upgrade;
              proxy_set_header Connection "upgrade";
          }
      

      Nodebb config

      {
          "url": "http://www.moefi.com",
          "secret": "secret",
          "database": "mongo",
          "port": 4567,
          "mongo": {
              "host": "127.0.0.1",
              "port": "27017",
              "username": "something",
              "password": "something",
              "database": "nodebb"
          }
      }
      

      Error

      20/6 09:47:18 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      20/6 18:14:28 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 06:31:10 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 06:31:13 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 06:31:23 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 06:31:33 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 06:31:48 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 06:31:52 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 06:32:11 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 06:33:34 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token                                                          21/6 08:45:27 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 10:25:07 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 11:17:21 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 11:19:13 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 11:21:10 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 11:27:41 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 11:28:35 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 11:47:46 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      21/6 11:48:58 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 11:49:09 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 11:49:57 [6838] - ^[[31merror^[[39m: /login
       invalid csrf token
      21/6 11:54:16 [6838] - ^[[31merror^[[39m: /register
       invalid csrf token
      
      posted in Bug Reports
      G
      genesisx
    • RE: [nodebb-plugin-ns-points] NS Points, Forum Gamification

      @genesisx said in [nodebb-plugin-ns-points] NS Points, Forum Gamification:

      Hey there, thanks for the great plugin, seems like it's not compatible with 1.5.x, any chance it will be compatible in the future?

      Alright, looks like it's a simple hook change, here is the pull request.
      https://github.com/NicolasSiver/nodebb-plugin-ns-points/pull/9

      GenesisX created this issue in NicolasSiver/nodebb-plugin-ns-points

      closed reflect hook data change in nodebb 1.5.x #9

      posted in NodeBB Plugins
      G
      genesisx
    • RE: [nodebb-plugin-ns-points] NS Points, Forum Gamification

      Hey there, thanks for the great plugin, seems like it's not compatible with 1.5.x, any chance it will be compatible in the future?

      posted in NodeBB Plugins
      G
      genesisx
    • RE: Save Nested Object or Array Into Topic Data

      @baris literally saved my day 👍
      BTW, is there a way to tell the client side code to refresh the page inside an action hook, say action:topic.reply?

      posted in Plugin Development
      G
      genesisx