Skip to content

CSRF check failed #25927

@sonanchenko

Description

@sonanchenko

Dear Colleagues,

STR:

  1. Update to 9.1 version
  2. Try to log in using https://myhost/owncloud

Expected result:
Logged in

Actual result:
I receive "Access denied. CSRF check failed" after I click Enter.

Strange thing is that for http version everything is fine.

I've also switched to 9.2 alpha and now have owncloud-files-9.2.0-0.1.1.prealpha.20160822.noarch but the issue still in place.

Similar issues were discussed in #25557 and #25799 but @PVince81 asked me to create a new issue.

Here is the tech details:

OS: CentOS 6.8 x64
WebServer: httpd=2.2.27
DB: MariaDB-server-10.1.16
PHP: 5.5.38
Owncloud version: 9.2.0-0.1.1.prealpha.20160822 updated from 9.1 and older ones

APPS:

root /var/www/html/owncloud # sudo -u owncloud php occ app:list
Enabled:

  • calendar: 1.3.2
  • comments: 0.3.0
  • dav: 0.2.5
  • direct_menu: 0.8.1
  • encryption: 1.3.0
  • federatedfilesharing: 0.3.0
  • federation: 0.1.0
  • files: 1.5.1
  • files_excel_reader: 0.1.0
  • files_mv: 0.8.2
  • files_sharing: 0.10.0
  • files_trashbin: 0.9.0
  • files_versions: 1.3.0
  • provisioning_api: 0.5.0
  • systemtags: 0.3.0
  • tasks: 0.9.2
  • updatenotification: 0.2.1

Disabled:

  • activity
  • bookmarks
  • calendarplus
  • contacts
  • documents
  • external
  • files_antivirus
  • files_external
  • files_pdfviewer
  • files_texteditor
  • files_videoplayer
  • firstrunwizard
  • gallery
  • galleryplus
  • notifications
  • ojsxc
  • ownnote
  • sharelinks
  • tasksplus
  • templateeditor
  • user_external
  • user_ldap
  • vids

CONFIG:
root /var/www/html/owncloud # sudo -u owncloud php occ config:list system
{
"system": {
"debug": true,
"instanceid": "ocjl3amsodm7",
"passwordsalt": "_REMOVED SENSITIVE VALUE",
"secret": "_REMOVED SENSITIVE VALUE
",
"trusted_domains": [
"mydomain.com"
],
"datadirectory": "/var/www/html/owncloud/data",
"overwrite.cli.url": "https://mydomain.com/owncloud",
"dbtype": "mysql",
"version": "9.2.0.1",
"dbname": "owncloud",
"dbhost": "localhost",
"dbtableprefix": "oc_",
"dbuser": "_REMOVED SENSITIVE VALUE",
"dbpassword": "_REMOVED SENSITIVE VALUE
",
"installed": true,
"forcessl": true,
"forceSSLforSubdomains": true,
"mail_from_address": "root",
"mail_smtpmode": "php",
"mail_domain": "mydomain.com",
"theme": "",
"maintenance": false,
"loglevel": 1,
"trashbin_retention_obligation": "auto",
"updatechecker": false,
"htaccess.RewriteBase": "/owncloud"
}
}

As for logs - no new lines in owncloud.log and in httpd logs and browser ones there were no info about error also.


Please check and do not hesitate to ask if any additional information is required

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions