False session expired warning

  • Betroffene App
    WoltLab Suite Core

    In my image limit test, I may have discovered another issue. A false warning that my session has expired even though it clearly has not and I can easily navigate to another page (the dashboard for example) and I am still logged in.

    1.jpg

    To repeat these steps visit this thread (when you have pending notices)

    smile (image test)


    Attempt to view your notifications and the above (see attached) warning will popup.

    Move anywhere else on the site and you can clearly see that this is a false warning.

    Bilder

    System

    Windows 10 Enterprise 2016 LTSB (1607.14393.447) - 64bit

    Windows 7 Enterprise (6.1 build 7601 : Service Pack 1) - 64bit

    Windows XP Professional (5.1 build 2600.xpsp_sp3_qfe.161003-1531 : Service Pack 3) - 32bit

    VOJ320F1A on NVIDIA GeForce GT 430 (1GB DDR3)

    Screen Resolution:1920px x 1080px

    AMD Athlon II X4 630 (2.8 Ghz)

    8.00GB Dual-Channel DDR3 Ram

    Einmal editiert, zuletzt von Abuse_and_Troll_Test (4. November 2016 um 16:56)

  • ^ A quick followup on this. This can also (sometimes) be produced when posting. Usually after switching between the raw and normal editor, then hitting submit. However, it is not exclusive to that behavior.

    System

    Windows 10 Enterprise 2016 LTSB (1607.14393.447) - 64bit

    Windows 7 Enterprise (6.1 build 7601 : Service Pack 1) - 64bit

    Windows XP Professional (5.1 build 2600.xpsp_sp3_qfe.161003-1531 : Service Pack 3) - 32bit

    VOJ320F1A on NVIDIA GeForce GT 430 (1GB DDR3)

    Screen Resolution:1920px x 1080px

    AMD Athlon II X4 630 (2.8 Ghz)

    8.00GB Dual-Channel DDR3 Ram

  • Now would be a good time to check the logs to see if anything was logged. :)

    Dateien

    System

    Windows 10 Enterprise 2016 LTSB (1607.14393.447) - 64bit

    Windows 7 Enterprise (6.1 build 7601 : Service Pack 1) - 64bit

    Windows XP Professional (5.1 build 2600.xpsp_sp3_qfe.161003-1531 : Service Pack 3) - 32bit

    VOJ320F1A on NVIDIA GeForce GT 430 (1GB DDR3)

    Screen Resolution:1920px x 1080px

    AMD Athlon II X4 630 (2.8 Ghz)

    8.00GB Dual-Channel DDR3 Ram

    • Offizieller Beitrag

    Actually the message simply means that the combination of session id and security token does not match.

    This is usually caused by expired sessions, but reloading the page usually fixes this, because you have a login cookie that will perform an automatic login in the background. Using this cookie to authenticate the AJAX request is strictly forbidden, as this would introduce a XSRF vulnerability.

    I'm thinking about changing the message, so that it instructs to reload the page, which most of the time is sufficient to solve this.

  • Actually the message simply means that the combination of session id and security token does not match.

    This is usually caused by expired sessions, but reloading the page usually fixes this, because you have a login cookie that will perform an automatic login in the background. Using this cookie to authenticate the AJAX request is strictly forbidden, as this would introduce a XSRF vulnerability.

    I'm thinking about changing the message, so that it instructs to reload the page, which most of the time is sufficient to solve this.

    It happens far to often for comfort. So much so that my users would assume the site was broken (as I do).

    System

    Windows 10 Enterprise 2016 LTSB (1607.14393.447) - 64bit

    Windows 7 Enterprise (6.1 build 7601 : Service Pack 1) - 64bit

    Windows XP Professional (5.1 build 2600.xpsp_sp3_qfe.161003-1531 : Service Pack 3) - 32bit

    VOJ320F1A on NVIDIA GeForce GT 430 (1GB DDR3)

    Screen Resolution:1920px x 1080px

    AMD Athlon II X4 630 (2.8 Ghz)

    8.00GB Dual-Channel DDR3 Ram

    • Offizieller Beitrag

    I think it's never happened before beta 4

    Now that you say that, the have been some changes to the way cookies are set, which could cause issues in combination with any old cookies still around. I recommend clearing the cookies set for this site and login again, that should fix it.

  • Now that you say that, the have been some changes to the way cookies are set, which could cause issues in combination with any old cookies still around. I recommend clearing the cookies set for this site and login again, that should fix it.

    I'm confident that it is not old cookies. I just finished formatting my whole hard drive and reinstalling a fresh copy of Windows. The attached screenshot is an error I received when clicked on the login / register button.

    That means I received this error before even trying to login. I had not even entered my user name or password. Meaning I received this error as a guest.

    Dateien

    System

    Windows 10 Enterprise 2016 LTSB (1607.14393.447) - 64bit

    Windows 7 Enterprise (6.1 build 7601 : Service Pack 1) - 64bit

    Windows XP Professional (5.1 build 2600.xpsp_sp3_qfe.161003-1531 : Service Pack 3) - 32bit

    VOJ320F1A on NVIDIA GeForce GT 430 (1GB DDR3)

    Screen Resolution:1920px x 1080px

    AMD Athlon II X4 630 (2.8 Ghz)

    8.00GB Dual-Channel DDR3 Ram

    • Offizieller Beitrag

    That means I received this error before even trying to login. I had not even entered my user name or password. Meaning I received this error as a guest.

    Every user has a session that can expire, even guests do. Do you mind to tell me what browser and addons you're running?

  • Every user has a session that can expire, even guests do. Do you mind to tell me what browser and addons you're running?

    In this instance, it would have expired in under 1 minutes (that is how long I was on the site before clicking the link).

    Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:49.0) Gecko/20100101 Firefox/49.0

    JavaScript Enabled: Yes
    Cookies Enabled: Yes
    Device Pixel Ratio: 1
    Screen Resolution: 1920px x 1080px
    Browser Window Size: 1903 px x 971 px

    source: http://www.whoishostingthis.com/tools/user-agent/

    Actually 49.0.2 - 64 bit to be exact. ;)

    Dateien

    System

    Windows 10 Enterprise 2016 LTSB (1607.14393.447) - 64bit

    Windows 7 Enterprise (6.1 build 7601 : Service Pack 1) - 64bit

    Windows XP Professional (5.1 build 2600.xpsp_sp3_qfe.161003-1531 : Service Pack 3) - 32bit

    VOJ320F1A on NVIDIA GeForce GT 430 (1GB DDR3)

    Screen Resolution:1920px x 1080px

    AMD Athlon II X4 630 (2.8 Ghz)

    8.00GB Dual-Channel DDR3 Ram

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!