Invalid CSRF when session expires
Hi all,
As discussed in https://forum.bettyblocks.com/... but slightly different: for a custom web page we sometimes get an error stating the CSRF token is invalid which seems to happen at session expiration. It looks like an old version of the page (with an old csrf token) is sent but it just gives me a white screen saying:
Invalid CSRF (Cross Site Forgery Protection) token, make sure all requests include a '_csrf' param
After refreshing the page the login screen appears which functions normally.
I can extend the session timeout to make sure this error won't happen so often but don't really want to do that. Is there a way to prevent the white screen (of death) and auto refresh?
Hi all,
As discussed in https://forum.bettyblocks.com/... but slightly different: for a custom web page we sometimes get an error stating the CSRF token is invalid which seems to happen at session expiration. It looks like an old version of the page (with an old csrf token) is sent but it just gives me a white screen saying:
Invalid CSRF (Cross Site Forgery Protection) token, make sure all requests include a '_csrf' param
After refreshing the page the login screen appears which functions normally.
I can extend the session timeout to make sure this error won't happen so often but don't really want to do that. Is there a way to prevent the white screen (of death) and auto refresh?
Login to reply