We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

CSRF attack when adding comment

Sometimes when adding comment i have error that there is some csrf attack or something like this and comment is not added. Can you fix it ? It's pretty annoying.



85.5k

its because you are opening other posts in a new tab.

https://github.com/phalcon/forum/issues/194

edited Apr '16

Yes. It is clear that this behaviour is intentional in order to prevent CSRF attacks. It's not UX oriented though...

So, make sure to follow order of opened tabs. Open tabs 1 - 2 - 3 and post a message in each in that order. 1, 2, 3.

edited Oct '16

This is getting really annoying for me... I know its a security feature, but inadvertently i might open different tabs to search the forums while typing out an answer/question.

Can we at least have our input saved somehow? I just lost about 8 lines of text thanks to the CSRF feature on the forums.

I also learned the hard way to copy my post before pressing the button, just in case :)