seo icon indicating copy to clipboard operation
seo copied to clipboard

Published 20 hours ago verified publisher icon ethercreative

SEO plugin isn't passing along a CSRF token when it calls seo/seo/render-data

Open chadcrowell opened this issue 5 years ago • 0 comments

Description

Production site has non-super admin editors in the Control Panel that can not change the author of an entry. Worked with Craft guys on support ticket to figure out that when SEO plugin is disabled, the author can be changed. With it enabled, it can not. Stack trace:

2019-11-01 11:11:35 [-][81660][-][error][yii\web\HttpException:400] yii\web\BadRequestHttpException: Unable to verify your data submission. in /home/superhive/sites/conifer/site/vendor/yiisoft/yii2/web/Controller.php:166
Stack trace:
#0 /home/superhive/sites/conifer/site/vendor/craftcms/cms/src/web/Controller.php(143): yii\web\Controller->beforeAction(Object(yii\base\InlineAction))
#1 /home/superhive/sites/conifer/site/vendor/yiisoft/yii2/base/Controller.php(155): craft\web\Controller->beforeAction(Object(yii\base\InlineAction))
#2 /home/superhive/sites/conifer/site/vendor/craftcms/cms/src/web/Controller.php(187): yii\base\Controller->runAction('render-data', Array)
#3 /home/superhive/sites/conifer/site/vendor/yiisoft/yii2/base/Module.php(528): craft\web\Controller->runAction('render-data', Array)
#4 /home/superhive/sites/conifer/site/vendor/craftcms/cms/src/web/Application.php(299): yii\base\Module->runAction('seo/seo/render-...', Array)
#5 /home/superhive/sites/conifer/site/vendor/craftcms/cms/src/web/Application.php(565): craft\web\Application->runAction('seo/seo/render-...', Array)
#6 /home/superhive/sites/conifer/site/vendor/craftcms/cms/src/web/Application.php(278): craft\web\Application->_processActionRequest(Object(craft\web\Request))
#7 /home/superhive/sites/conifer/site/vendor/yiisoft/yii2/base/Application.php(386): craft\web\Application->handleRequest(Object(craft\web\Request))
#8 /home/superhive/sites/conifer/site/public_html/index.php(21): yii\base\Application->run()

Brad said From the stack trace, it looks like the Ether SEO plugin isn't passing along a CSRF token when it calls seo/seo/render-data

Additional info

  • Craft version: 3.3.14
  • SEO version: 3.6.2
  • PHP version: 7.2.11
  • Database driver & version: mySql 5.6.34
  • Other Plugins: Lots

chadcrowell avatar Nov 01 '19 18:11 chadcrowell