Invalid CSRF Token warnings

Issue

Invalid CSRF Token warnings appear in the logs, if portlet.url.anchor.enable=true is set in portal-ext.properties.

User 20127 is not allowed to access URL http://localhost:8080/web/guest/home and portlet com_liferay_message_boards_web_portlet_MBPortlet: User 20127 did not provide a valid CSRF token for com.liferay.portlet.SecurityPortletContainerWrapper

Environment

  • Liferay DXP 7.2

Resolution

This should be fixed in DXP 7.2 FP5+ (liferay-fixpack-dxp-5-7210) by LPS-109009.

If this specific error appears without setting the above property in portal-ext.properties, then the following action should solve the problem:

Delete com.liferay.portal.upload.internal.configuration.UploadServletRequestConfiguration​config file from osgi/config folder and this row from the configuration_ table in the database, then setting manually a higher value for "Overall Maximum Upload Request Size" in "Control Panel → Configuration → System Settings → Infrastructure → Upload Servlet Request" section.

 

 

Este artigo foi útil?
Utilizadores que acharam útil: 0 de 0