Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-14391

UI-tests ran on Chrome don't work properly because of CSRF validation issue

    XMLWordPrintable

Details

    Description

      The main idea is to have the automated ui-tests to run on Chrome. I have started with excluding tests that fail on Chrome, but ran into something very serious.
      It seems that there is an issue with Chrome and our CSRF module, because I have some CSRF validation errors in the console, and in the UI I get the page with the following text:

      "This request contains an invalid authentication information.

This might happen in the following situations:

* You left the editor open in another window/tab and logged off and on again
* Your authentication token expired after a long period of inactivity
* Somebody tried to perform a CSRF attack
If you are sure that none of these situations apply in your case, you might have found a bug. We are sorry about that, please report it on XWiki JIRA

Do you want to resend the request? If unsure, say No.

 NO/YES

      Because the tests do not expect this, they will fail because of UI.

      In the console, I get something like this. This is just an example, I get this in a lot of other places:

       2012-06-26 11:03:44,932 [http://localhost:8080/xwiki/bin/edit/LiveTableEditorTest/testDeprecatedColumns?form_token=usW3uYYlgEFgETJwoaIuQw&AppWithinMinutes.LiveTableClass_0_class=XWiki.XWikiUsers&template=AppWithinMinutes.LiveTableTemplate&editor=inline&AppWithinMinutes.LiveTableClass_0_columns=doc.name+foo&] WARN  o.x.c.i.DefaultCSRFToken       - CSRFToken: Secret token verification failed, token: "usW3uYYlgEFgETJwoaIuQw", stored token: "K5n6NbJNc7M8P3xFn96gww"

      I was not able to find the test that breaks this, my personal guess would be LoginTest or RegistrationTest, but I am not able to run 2,3,4, multiple tests to form a chain that would make easily reproducible by the developer.

      I have attached a file with the full suite run, which gives the CSRF Validation error message. Note that a lot of tests pass because they are excluded from Chrome.

      The only way I can reproduce this is to exclude the tests that fail for other reasons, and thus leaving this the only one issue in the entire suite.
      This takes time because the developer has to run the whole suite several times

      Attachments

        Issue Links

          blocks

          Task - A task that needs to be done. XWIKI-14428 Exclude failing Selenium 2 tests on Chrome from running

          • Major - Major loss of function.
          • Reopened
          relates to

          Bug - A problem which impairs or prevents the functions of the product. XWIKI-14411 Fix automated UI tests that fail on Chrome

          • Major - Major loss of function.
          • Closed

          Activity

            People

              tmortagne Thomas Mortagne
              sorinello Sorin Burjan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: