yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #65916
[Bug 1690387] Re: instance delete fails with: 403 Forbidden - CSRF verification failed
Fixed by https://review.openstack.org/#/c/476147/
** Changed in: horizon
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1690387
Title:
instance delete fails with: 403 Forbidden - CSRF verification failed
Status in OpenStack Dashboard (Horizon):
Fix Released
Bug description:
Behavior is that an instance deletion from /project/instances is
failing.
The error returned is: 403 Forbidden - CSRF verification failed
This was noted in #openstack-horizon by zigo on 2017-05-12.
OpenStack Release was stated to be Newton, on Debian.
Below are the steps to reproduce from the original bug report.
The information is pulled from (replicated) Debian bugs:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862387
----
Instance delete fails when I access:
http://os-ctrl/horizon/project/instances/
and select "Delete Instance" from the list of actions with
the error:
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
while I see the csrftoken being sent in the request:
csrftoken: tMhcr99nId798AXdULs8dUjuEHemALp0ONGCa4Y8ahpIuckFFqxexCuD13uR5ATy
Apache error.log just reports the same thing:
Forbidden (CSRF token missing or incorrect.):
/horizon/project/instances/, referer: http://os-
ctrl/horizon/project/instances/
Deleting the instance works if I enter the instance first:
http://os-ctrl/horizon/project/instances/6a167f8a-f0c6-440a-
a1c1-c0063058d5c4/
and than select "Delete Instance" from the list of actions.
The same issue exists when deleting volumes from:
http://os-ctrl/horizon/project/volumes/
-- System Information:
Debian Release: 9.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64
(x86_64)
Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages openstack-dashboard depends on:
ii adduser 3.115
ii libjs-jquery 3.1.1-2
ii libjs-jquery-cookie 11-3
ii python-django-horizon 3:10.0.1-1
pn python:any <none>
openstack-dashboard recommends no packages.
Versions of packages openstack-dashboard suggests:
ii memcached 1.4.33-1
ii openstack-dashboard-apache 3:10.0.1-1
-- no debconf information
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1690387/+subscriptions
References