Bug #24808
closed
Unnecessary message about security token
0%
Description
It seems there is something wrong with checking the tokens on pages which don't need to.
Follow this steps:
1) Call url: typo3/sysext/cms/layout/db_new_content_el.php
2) Delete cache in a different tab (clear all caches)
3) Reload tab #1 > get the message
(issue imported from #M17308)
Updated by Helmut Hummel about 13 years ago
What you see is a side effect of a previously timed out session in your tab where you cleared the cache (see #24755).
The error messages are stored in the session and displayed on the next page which render flash messages. Not too nice, but the only way we can see what happens and what the reason there was for the failure.
Updated by Ernesto Baschny about 13 years ago
This is probably obsolete by now, I don't get this message. If the token was invalid from start (when clearing the cache) the flash message is displaying "somewhere", which is ugly but not so problematic.
So Georg, are you able to reproduce that? Your mentioned steps didn't work here. Maybe only on specific browsers?
Updated by Helmut Hummel about 13 years ago
I want to keep that ticket to as a reminder to add a method to disable storage of the flash messages in the session witch should always be done when validating a token in a Ajax request.
Updated by Helmut Hummel over 12 years ago
- Status changed from Accepted to Closed
- Target version deleted (
0)
closed as duplicate