• Members 10 posts
    Aug. 9, 2020, 5:28 a.m.

    If I clone Misago & run it with ./dev init & docker-compose up, when I try to register a new user, after filling the form & pressing Register account, I get this error :

    I think the problem happens when Django csrf middleware compares the 2 csrf tokens.
    But the browser is actually sending 3 csrf tokens. Here are the two relevant headers :

    Cookie: misagocsrftoken=TcoSGGsZxZd7VUnzELIDCk8PWmyH0HdlI104obbiyPHETszgBt5Qk5QPSD5XBPFD;csrftoken=va4PO9XeIIWiRcnWf3ptTiavJLj5bN8LKHlCAFuGvVjSGr8innGo82g0ULXzv7mo; djdt=hide; sessionid=7kq2qap6wg05ddwq0zibh8eic1xg7my7
    ...
    X-CSRFToken: TcoSGGsZxZd7VUnzELIDCk8PWmyH0HdlI104obbiyPHETszgBt5Qk5QPSD5XBPFD

    That doesn't happen when I install misago_docker in a Digitalocean droplet.

    Am I doing something wrong ?

  • Aug. 10, 2020, 12:39 a.m.

    This is weird and I am not experiencing this myself. Did you customize settings.py or did anything else to the repo?

    misagocsrftoken is cookie name used by misago_docker. Main repo uses csrftoken. Likewise misago_docker uses misagosessionid while main repo uses sessionid.

  • Members 10 posts
    Aug. 10, 2020, 1:33 a.m.

    Oh !. That make sense. I was previously playing with misago_docker in my local development & it's cookies where still in the browser. Well, I learned something today.

    BTW, I submitted a pull request. There's probably something wrong, so feel free to make any recommendations or changes needed. thanks.