Move to CSRF tokens inside sessions (instead of expiring cookies) #305
Assignees
Labels
Comments
|
This is a CSRF token issue. If you log in twice it changes the tokens in the old session. |
|
Added logging to try to figure out why my csrf tokens are getting corrupted/disappearing #306 |
|
closing because better error messaging. still should keep an eye on it. hopefully people aren't getting their tokens messed up all the time. |
domino14
changed the title
|
this still happens a lot. People's CSRF cookies just disappear. They are probably expiring. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Several users have reported being unable to play any challenges (they get the JSON unexpected etc message). They all reported it around the same time, and logging out/in fixes it. Weirdly it seems they're still logged in, so I'm not sure what exactly it is.
The text was updated successfully, but these errors were encountered: