Join 34,000+ subscribers and receive articles from our blog about software quality, testing, QA and security.
 

The CSRF token is missing or invalid for this POST request


#1

Hello Team,

Users not able to authenticate with our AD through testrail application. Getting the below error:

[DeniedException] The CSRF token is missing or invalid for this POST request.
This usually means that your session has expired. Please refresh this page.

Details: <missing>
File: /var/www/html/testrail/sys/helpers/ex.php
Line: 25
Status Code: 500
Host: testrail.corp.ooma.com
Uri: /index.php?/tests/ajax_reload_timer (POST)

Browser: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
PHP: 5.3.3
Server: Linux 2.6.32-642.6.2.el6.x86_64 #1 SMP Wed Oct 26 06:52:09 UTC 2016 x86_64

test_id: 10716994
_token: coLfAyxxXw0mvFZ/y0mR
_version: 5.3.0.3603

Trace:
at ex::raise (ex.php:25)
at ex::raise (ex.php:77)
at ex::raiset (application.php:183)
at ApplicationController->_check_for_csrf (protected.php:20)
at ProtectedController->_init (tests.php:15)
at Tests_controller->_init (gizmo.php:106)
at require_once (index.php:106)

Thanks


#2

We have the same error on our testRail, about two errors per minute since two weeks.

I don’t really understand what could be the origin of this error.