Hi there,
i just noticed that, after login in FAS, there is a button "I am a human" for CSRF check.
It's all good, but clicking button makes POST request to (admin.fedoraproject.org/accounts/login?_csrf_token=<token>) which returns 302 Found and redirects to a same url (GET request) , which returns 403 Forbidden.
It seems that navigation "knows" that i am logged in, but content part do not :)
See attached screenshot and log for more info, since it's early morning and i do not provide a good explanation.
It's all good, but clicking button makes POST request to (admin.fedoraproject.org/accounts/login?_csrf_token=<token>) which returns 302 Found and redirects to a same url (GET request) , which returns 403 Forbidden.
It seems that navigation "knows" that i am logged in, but content part do not :)
See attached screenshot and log for more info, since it's early morning and i do not provide a good explanation.
Attachment:
fas-error.png
Description: PNG image
Attachment:
fas-request-log
Description: Binary data
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
