php - TokenMismatch ONLY Certain Browsers - Laravel 5 Fresh/Production -


one example browser: ie 11: mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko

session started @ 22:46:56. fills out form. submits form @ 22:53:18, gets tokenmismatchexception. 6 minutes later.

session started:

apr 02 22:46:56 production.info: session {"start":1428040016,"id":"8040cc779df0330855f8fa30483af63557aaf9c4","token":"l3nu4ehsev5w1ixy86g18fsgnvs6sacdnjtuz5qv","ip":"74.xx","method":"get","url":"https://sub.domain.com/place-st","ua":"mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko"} []

user submits form 6 minutes later:

apr 02 22:53:18 production.debug: request session token: 8l3pba9albvbcrvipm5wntl7bp0slsirjcakfwzh [] [] apr 02 22:53:18 production.debug: request input _token: l3nu4ehsev5w1ixy86g18fsgnvs6sacdnjtuz5qv [] [] apr 02 22:53:18 production.debug: request header x-csrf-token: [] [] apr 02 22:53:18 production.debug: request header x-xsrf-token: [] [] apr 02 22:53:18 production.debug: request url: https://sub.domain.com/requests/post [] []

server vars:

apr 02 22:53:18 production.debug: array ( 'user' => 'forge', 'home' => '/home/forge', 'fcgi_role' => 'responder', 'app_env' => 'production', 'query_string' => '', 'request_method' => 'post', 'content_type' => 'application/x-www-form-urlencoded', 'content_length' => '867', 'script_filename' => '/home/forge/doamin.com/public/index.php', 'script_name' => '/index.php', 'request_uri' => '/requests/post', 'document_uri' => '/index.php', 'document_root' => '/home/forge/doamin.com/public', 'server_protocol' => 'http/1.1', 'gateway_interface' => 'cgi/1.1', 'server_software' => 'nginx/1.6.2', 'remote_addr' => '74.xx', 'remote_port' => '56563', 'server_addr' => '104.xx', 'server_port' => '443', 'server_name' => 'doamin.com', 'https' => 'on', 'redirect_status' => '200', 'http_accept' => 'text/html, application/xhtml+xml, */*', 'http_referer' => 'https://sub.domain.com/place-st', 'http_accept_language' => 'en-us', 'http_user_agent' => 'mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko', 'http_content_type' => 'application/x-www-form-urlencoded', 'http_accept_encoding' => 'gzip, deflate', 'http_host' => 'sub.domain.com', 'http_content_length' => '867', 'http_connection' => 'keep-alive', 'http_cache_control' => 'no-cache', 'php_self' => '/index.php', 'request_time_float' => 1428040398.7879851, 'request_time' => 1428040398, ) [] []

session/cookie

apr 02 22:53:18 production.debug: request path: requests/post [] [] apr 02 22:53:18 production.debug: cookie: array ( ) [] [] apr 02 22:53:18 production.debug: session: array ( '_token' => '8l3pba9albvbcrvipm5wntl7bp0slsirjcakfwzh', ) [] []

http request:

apr 02 22:53:18 production.debug: post /requests/post http/1.1 accept: text/html, application/xhtml+xml, */* accept-encoding: gzip, deflate accept-language: en-us cache-control: no-cache connection: keep-alive content-length: 867 content-type: application/x-www-form-urlencoded host: sub.domain.com referer: https://sub.domain.com/place-st user-agent: mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko _token=l3nu4ehsev5w1ixy86g18fsgnvs6sacdnjtuz5qv&var=value&var2=value2&etc... [] []

this sounds alot known issue laravel: https://github.com/laravel/framework/issues/8172

the cause not yet known, , has been going on while. there lot of smart people looking - apparent randomness of issue making difficult debug.

i suggest contribute information ticket , keep eye there further information. need information server config , app config possible - can try replicate issue. far exact method replicate not known, making fix difficult.


Comments

Post a Comment

Popular posts from this blog

javascript - AngularJS custom datepicker directive -

i make custom datepicker directive custom template. but have no idea how start building it... how include date data directive? i appreciate guide or give me advice work on more precisely. it might you! follow below steps html code sample: <label>birth date</label> <input type="text" ng-model="birthdate" date-options="dateoptions" custom-datepicker/> <hr/> <pre>birthdate = {{birthdate}}</pre> <script type="text/ng-template" id="custom-datepicker.html"> <div class="enhanced-datepicker"> <div class="proxied-field-wrap"> <input type="text" ui-date-format="yy-mm-dd" ng-model="ngmodel" ui-date="dateoptions"/> </div> <label> <button class="btn" type="button"><i class="icon-calendar"></i>
Read more

javascript - jQuery date picker - Disable dates after the selection from the first date picker -

<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>jquery ui datepicker - default functionality</title> <link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css"> <script src="//code.jquery.com/jquery-1.10.2.js"></script> <script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script> <link rel="stylesheet" href="/resources/demos/style.css"> <script> $(function () { $("#datepicker1").datepicker(); }); </script> <script> $(function () { $("#datepicker2").datepicker(); }); </script> </head> <body> <p>date 1: <input type="text" id="datepicker1"></p> <p>date 2: <input type="t
Read more