- edited description
XSRF Error when Logging Time though timesheet?
Hi
One of our users started experiencing an XSRF token error last week when logging time from the timesheet report. I've attached a screenshot of this error message to the case.
I tried submitting a support case to Atlassian but this error is not appearing when the user tries logging time from the issue itself, only from the timesheet. IF she does log work from the issue itself, that work does not show up on the timesheet for that day...
As per Atlassian support I tried deleting cookies/cache multiple times and her IE 10 options seems to be the same as mine and I am not experiencing the error. We tried with her account on another machine and we are not seeing the error, any idea what it could be?
Not sure if this is actually a timesheet error or Atlassian but thought I would see what you think.
Note: we are on JIRA 5.2.10 and Timesheet Plugin 2.6.2
Thank you! Tudor
Comments (7)
-
Account Deleted -
Hi Tudor,
Well, I also can't know what's going on, I can only suggest you and/or she compare url from browser location bar, particularly value atl_token parameter. Of course it will be different all the time, I just suspect that it may be incorrectly url encoded in her case. But it's hard to figure out. You can paste her (invalid one) here also, to let me inspect it too.
Thank you.
-
Account Deleted Thanks Andriy. I've taken a look at the URLs on both my machine and hers and it looks like the atl_token parameter is the same for both of us.
USER WITH XSRF ERROR: (just token) atl_token=BKRE-RAV8-R142-1FC7
USER WITHOUT XSRF ERROR: (just token) atl_token=BKRE-RAV8-R142-1FC7
USER WITH XSRF ERROR: http://server/secure/CreateWorklog.jspa?id=14959&startDate=31%2FOct%2F13+12%3A00+AM&atl_token=BKRE-RAV8-R142-1FC7|00e90daa1c9adad6398f535010a36307f80f9d80|lin&returnUrl=http%3A%2F%2Fbssi-vm-jira%3A8080%2Fsecure%2FDashboard.jspa
USER WITHOUT XSRF ERROR: http://server/secure/CreateWorklog.jspa?id=15400&startDate=08%2FNov%2F13+8%3A49+AM&atl_token=BKRE-RAV8-R142-1FC7|239e55c48621b48f8f7d31ede6dfe58a50182a5f|lin&returnUrl=http%3A%2F%2Fbssi-vm-jira%3A8080%2Fsecure%2FDashboard.jspa
Any other troubleshooting ideas?
Thanks again, Tudor
-
Hi Tudor,
Well, could you please compare atl_token in Time Sheet gadget and Assigned to Me gadget? I.e. there in Assigned to Me gadget is tools icon, you can right-click and copy link, and then click on '+' sign in Time Sheet gadget.
Note, this atl_token is generated on every page, but it should be the same until you navigate from the page.
Note, the atl_token includes value between pipes following the key code.
If they are the same, does the error happens using anything from the tools menu of Assigned to Me gadget?
Thank you.
-
- changed status to on hold
-
- changed status to invalid
-
- removed version
Removing version: 2.6 (automated comment)
- Log in to comment