Click new contact, fill the form with details, click save, and it tells CSRF token error, now you have to re-enter all the contact information again after refresh. Why it does not tell you the CSRF token error when clicking on add contact or doing refresh before entering info?
Hey @joeyk I tried this and seems to have not worked for me.
I updated the issue on GitHub, I am not able to get to the mautic instance āoffline errorā. I see some errors in my log:
[error] 1851#1851: *784641 FastCGI sent in stderr: "PHP message: ParseError: syntax error, unexpected ''lifetime'' (T_CONSTANT_ENCAPSED_STRING), expecting ']' - in file /var/www/mautic/app/config/security.php - at line 98" while reading response header from upstream, client: 132.82.126.64, server: mymautic.com, request: "POST /mailer/sendgrid_api/callback HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.4-fpm.sock:", host: "mymautic.com"
@mzagmajster You can check the value of $configParameterBag->get(ārememberme_lifetimeā) by putting the line: dd($configParameterBag); right after your configParameterBag = $parameterLoader->getParameterBag();. The value should be 31536000, which is one year in seconds
Might be a few ways to fix this. It sounds like the file might have been copied to the wrong directory; can you make sure the change is only in app/config/security.php?
If thatās not the problem, letās try this: Revert back to your Mautic instance from before the change, then open your console, cd to the Mautic folder, and type āgh pr checkout 10994ā. This will make the exact file changes thatās in my PR. See if that works for you
Last, we can always test with GitPod. You can click on the āOpen in GitPodā button in GitHub when you look at the PR. Itās working for me there. I found the cookie using Right Click > Inspect > Application > Cookies > https://8080-bradycargleā¦
Just to reup this, itās still happening to me on 4.4.5 - frequency vastly reduced, so something has been changed in the last few releases, but still happening, particularly when adding contacts, although I canāt put my finger on any particular action that causes it. Anyone working on it, let me know if I can provide any helpful informationā¦
I remember @escopecz giving an explanation many years ago, I also remember not understanding anything he said at the timeā¦
What I do remember from his explanation of the issue is that it wasnāt Mauticās faultā¦
I actually once got this fixed by upgrading nginx to the latest versionā¦ but downgraded after that and back to the same problem. I remember that Mautic was not playing well with php 8.0 and the latest nginx version
It seems to me that this might have some (positive) impact on the issue
In some cases, if AJAX requests are made by the page to an apparently different (perhaps local as opposed to public) location, that may well cause CSRF issues.