Uploaded image for project: 'Mocca Calendar Application'
  1. Mocca Calendar Application
  2. MOCCACAL-169

Poor feedback on CSRF errors when editing events

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Minor
    • None
    • 2.9.7
    • application
    • None
    • Unknown

    Description

      When the CRSF check fails in the "edit event" dialog, only the raw contents of the error message are displayed, and even worse, they completely replacing the current input, causing the loss of all changes made so far.

      Steps to reproduce:

      1. go to the calendar view (any one should do)
      2. click in an existing event, and in the dialog click on "Edit" to get the edit view
      3. restart the servlet container
      4. (maybe warm up the XWiki app by calling any page in another browser tab)
      5. click the "save" button in the open dialog

      Expected behavior:

      • dialog should show a warning about CSRF failure (or in the worse case even the raw JSON response), but allow the user to resubmit the form

      Actual behavior:

      • edit form in the dialog is replaced by the CSRF failure message as raw JSON, see:
      • the save button is still shown, but non-functional

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            camil7 Clemens Robbenhaar
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated: