[BlueOnyx:24553] Re: CSRF mismatch
Michael Stauber
mstauber at blueonyx.it
Fri Dec 4 10:56:58 -05 2020
Hi Richard,
> I’m getting this on a new build once it has completed the setup wizard
>
> URL IP:444/wizard?action=post
>
> An error was encountered.
>
> CSRF mismatch: the action you have requested is not allowed.
Hmmm. Ok. Which version of BlueOnyx? Which installation method?
During the web based initial setup CSRF protection is disabled for as
long as the initial setup hasn't been completed. When you finish the web
based setup, CSRF protection is turned on while the settings you
configured are being saved.
The saving happens at http://<IP>:444/wizard?action=post
Upon saving you are redirected to http://<IP>:444/swupdate/news, but
might be bumped back to the login screen if the time-zone and server
time were changed, resulting in a cookie expiry or cookie invalidation.
If you see a "CSRF mismatch" at that time, just access the GUI again:
http://<IP>:444/
That should direct you to the login page.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list