OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • CSRF errors on including LDAP Users
« previous next »
  • Print
Pages: [1]

Author Topic: CSRF errors on including LDAP Users  (Read 1734 times)

celso.lom

  • Newbie
  • *
  • Posts: 7
  • Karma: 0
    • View Profile
CSRF errors on including LDAP Users
« on: January 31, 2017, 08:18:46 pm »
I received CSRF error on including user from LDAP. I tried with Chrome, Firefox, Opera, Vivaldi and Edge. Any help about?
« Last Edit: January 31, 2017, 08:32:43 pm by celso.lom »
Logged

celso.lom

  • Newbie
  • *
  • Posts: 7
  • Karma: 0
    • View Profile
Re: CSRF errors on including LDAP Users
« Reply #1 on: January 31, 2017, 08:47:59 pm »
I recharge https://hostname/system_usermanager_import_ldap.php and try again. Works! But appear to be a bug.
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 10520
  • Karma: 833
    • View Profile
Re: CSRF errors on including LDAP Users
« Reply #2 on: January 31, 2017, 09:00:53 pm »
Hi,

Thanks for your report.  What is your version? 17.1?

Can you give a bit more detail about the steps to reproduce?

CSRF handling was replaced rather late in the development track of 17.1 so I guess this is where we need to look.



Cheers,
Franco
Logged

celso.lom

  • Newbie
  • *
  • Posts: 7
  • Karma: 0
    • View Profile
Re: CSRF errors on including LDAP Users
« Reply #3 on: January 31, 2017, 09:20:16 pm »
I have added a Active Directory Server to auth, tested OK.
1 - On the select page to add new user from LDAP (https://hostname/system_usermanager_import_ldap.php), i select the user and save. CSRF error returned.
2 - I recharge the page and select user again and save, saves well.

I tried with 2 diferent computers (Windows 10 and Mint 18), with Chrome, Firefox, Vivaldi, Opera and Edge.

It's a pleasure to help!

PS: Sorry about my english.
« Last Edit: January 31, 2017, 09:23:23 pm by celso.lom »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 10520
  • Karma: 833
    • View Profile
Re: CSRF errors on including LDAP Users
« Reply #4 on: January 31, 2017, 09:24:04 pm »
No worries and thanks for the explanation. We will track it down this week and post an update.


Cheers,
Framco
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 10520
  • Karma: 833
    • View Profile
Re: CSRF errors on including LDAP Users
« Reply #5 on: February 02, 2017, 10:03:54 pm »
Will be fixed in 17.1.1: https://github.com/opnsense/core/commit/f20640d0b69113


Cheers,
Franco
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • CSRF errors on including LDAP Users
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2021 All rights reserved
  • SMF 2.0.18 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2