View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0014122 | mantisbt | bugtracker | public | 2012-04-04 05:09 | 2014-09-23 18:05 |
Reporter | allfordbest | Assigned To | dregad | ||
Priority | low | Severity | text | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Platform | WINDOWS | OS | WINDOWS PROFESSIONAL | OS Version | 7 |
Target Version | 1.2.11 | Fixed in Version | 1.2.11 | ||
Summary | 0014122: In-appropriate time-out message when reporting an issue needs is shown | ||||
Description | Instead of time out message,the following message is being displayed in mantis: "Invalid form security token. Did you submit the form twice by accident?" | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
Unfortunately, the root cause of this behavior cannot be fixed without a major rework of the way form security is handled in MantisBT. MantisBT retrieves the form security token from the PHP session; the maximum validity of stored session data is not defined in Mantis but in PHP itself (session.gc_maxlifetime). If garbage collection has taken place, then this information is no longer available to Mantis. The error message you get has to be generic as it has multiple possible causes, and due what I explained above, we are not able to determine which. If you get this error a lot, it may be worth increasing the value of this parameter in your installation to something that fits your usage scenario. At the moment, I believe the only thing that can reasonably be done, is to modify the error message to reflect the fact that this error can also be triggered by a session timeout. |
|
Original message for error 2800 is: Invalid form security token. Did you submit the form twice by accident? Proposed alternative error message: Invalid form security token. This may happen if you submitted the form twice by accident, or because your session has timed out. Invalid form security token. This could be caused by accidentally submitting the form twice, or by a session timeout. Thoughts, comments ? |
|
The error message has been amended, and a new Troubleshooting chapter added to the Admin guide with some explanations on the cause of this error and possible workarounds. |
|
Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch |
|
MantisBT: master 02755f72 2012-04-13 18:55 Details Diff |
Fix 0014122: Revised message for error 2800 The message now reflects the fact that an invalid security token error is often triggered because of a session timeout. |
Affected Issues 0014122 |
|
mod - lang/strings_english.txt | Diff File | ||
MantisBT: master-1.2.x aa9bf38c 2012-04-13 18:55 Details Diff |
Fix 0014122: Revised message for error 2800 The message now reflects the fact that an invalid security token error is often triggered because of a session timeout. |
Affected Issues 0014122 |
|
mod - lang/strings_english.txt | Diff File |