Join 34,000+ subscribers and receive articles from our blog about software quality, testing, QA and security.

The CSRF token is missing or invalid for this POST request


Hello Team,

Users not able to authenticate with our AD through testrail application. Getting the below error:

[DeniedException] The CSRF token is missing or invalid for this POST request.
This usually means that your session has expired. Please refresh this page.

Details: <missing>
File: /var/www/html/testrail/sys/helpers/ex.php
Line: 25
Status Code: 500
Uri: /index.php?/tests/ajax_reload_timer (POST)

Browser: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
PHP: 5.3.3
Server: Linux 2.6.32-642.6.2.el6.x86_64 #1 SMP Wed Oct 26 06:52:09 UTC 2016 x86_64

test_id: 10716994
_token: coLfAyxxXw0mvFZ/y0mR

at ex::raise (ex.php:25)
at ex::raise (ex.php:77)
at ex::raiset (application.php:183)
at ApplicationController->_check_for_csrf (protected.php:20)
at ProtectedController->_init (tests.php:15)
at Tests_controller->_init (gizmo.php:106)
at require_once (index.php:106)



We have the same error on our testRail, about two errors per minute since two weeks.

I don’t really understand what could be the origin of this error.