Redirect on bad CSRF instead of presenting bad page

[zeripath]

The current CSRF handler is a bit harsh with bad CSRF tokens on webpages
I think we can be a little kinder and redirect to base page with a flash error

Fix #14167

Signed-off-by: Andrew Thornton art27@cantab.net

[CL-Jeremy]

Hmm, this certainly improves UE greatly, but I don't think merging this should close that issue entirely (although that issue lacks details for further investigation to take place).

[lunny]

But the submitted form information will be lost. Before we can click back button on browser to return back to form page.

[jpraet]

But the submitted form information will be lost. Before we can click back button on browser to return back to form page.

The back button still works for me.

[codecov-commenter]

Codecov Report

Merging #14937 (e129316) into main (fc1607b) will decrease coverage by 0.00%.
The diff coverage is 13.33%.

@@            Coverage Diff             @@
##             main   #14937      +/-   ##
==========================================
- Coverage   45.51%   45.51%   -0.01%     
==========================================
  Files         709      709              
  Lines       83755    83767      +12     
==========================================
+ Hits        38120    38124       +4     
- Misses      39500    39508       +8     
  Partials     6135     6135              

Impacted Files	Coverage Δ
modules/context/csrf.go	70.17% <13.33%> (-11.20%)	⬇️
services/pull/pull.go	41.99% <0.00%> (ø)
models/gpg_key.go	51.99% <0.00%> (+0.56%)	⬆️
modules/queue/workerpool.go	54.96% <0.00%> (+0.76%)	⬆️
modules/log/event.go	59.90% <0.00%> (+0.94%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update fc1607b...e129316. Read the comment docs.

[lunny]

I think it's better to back port to v1.14

[6543]

-> #16378