Loading...
 
Skip to main content

Diagrams have poor usability still in 21.x LTS due CSRF and ticket expiration

Status
Closed
Subject
Diagrams have poor usability still in 21.x LTS due CSRF and ticket expiration
Version
21.x
22.x
Category
  • Bug
  • Conflict of two features (each works well independently)
  • Usability
Feature
Diagram (Drawings, Diagrams, Flowcharts and more)
Edit interface (UI)
Resolution status
Fixed or Solved
Submitted by
Xavier de Pedro
Keep informed
lindon, Marc Laporte, Jorge Sá Pereira
Lastmod by
Xavier de Pedro
Rating
(1)
Related-to
Description

We have been experiencing in our team at work several issues while attempting to use Tiki Diagrams in production in Tiki 21.x LTS

There might be 2 related (for the end user) issues. It seems as if some ticket expires too soon and some error related to CSRF is shown. Maybe after editing the diagram for more than 20 minutes or so (even if Tiki is set to remember the login for days or weeks, which seems to work when we are not using the diagram feature).

Diagrams are created to store their contents in a wiki page (because in file gallery we face some other issue still, as reported in another bug report)

2 error messages are shown in similar conditions (unclear yet the exact difference; these reports were sent by work colleagues of mine, so far)
Error message 1:

"An error occurred, please try again.
Potential cross-site request forgery (CSRF) detected. Operation blocked. Reloading the page may help."


Image

Error message 2:

"An error occurred, please try again.
Potential cross-site request forgery (CSRF) detected. Operation blocked. Ticket has expired. Reload the page"


Image

In case it matters: the https certificate seems to be not recognized (by the browser used to reproduce the issue) as valid.

Solution
we don't see this issue since many months ago (in that updated tiki21 site)
Importance
7
Easy to solve?
3
Priority
21
Demonstrate Bug on Tiki 19+
Demonstrate Bug (older Tiki versions)
Ticket ID
7547
Created
Monday 28 September, 2020 12:07:35 UTC
by Xavier de Pedro
LastModif
Thursday 05 August, 2021 21:06:18 UTC


Show PHP error messages