halo
halo copied to clipboard
halo-dev
1Panel和Docker安装halo后,登录后台出现了“An expected CSRF token cannot be found”错误,导致无法进入后台管理页面。
前置条件
- [x] 已经在 issues 列表中搜索了相关问题。
- [x] 这是 Halo 项目本身存在的问题,如果是非项目本身的问题(如:安装部署问题),建议在 Discussions 提交。
- [x] 已经尝试过停用所有的插件,排除是插件导致的问题。
- [x] 如果是插件和主题的问题,请在对应的插件和主题仓库提交。
系统信息
- 版本 2.20(2.19以上版本都会出现这个问题)
- 服务器:腾讯云 2c2g,系统 centos7.6(ubuntu系统也试过了还是不行)
使用的哪种方式运行?
Docker
发生了什么?
1Panel和Docker安装halo后,登录后台出现了“An expected CSRF token cannot be found”错误,导致无法进入后台管理页面。我是通过服务器ip地址访问后台的,不知道是不是我没绑定域名的关系。
复现步骤
1.安装1Panel 2.安装MySQL8.4 3.安装2.19以上版本额的halo
相关日志输出
ansaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.262+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Application context run.halo.app.plugin.PluginApplicationContext@10e500d1, started on Fri Dec 13 20:45:33 CST 2024, parent: org.springframework.context.support.GenericApplicationContext@cfe4575e for plugin PluginSearchWidget is created
2024-12-13T20:45:33.263+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Before publishing plugin starting event for plugin PluginSearchWidget
2024-12-13T20:45:33.263+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : After publishing plugin starting event for plugin PluginSearchWidget
2024-12-13T20:45:33.263+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Starting run.halo.search.widget.SearchWidgetPlugin@900bd1ac for plugin PluginSearchWidget
2024-12-13T20:45:33.264+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Started run.halo.search.widget.SearchWidgetPlugin@900bd1ac for plugin PluginSearchWidget
2024-12-13T20:45:33.264+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Before publishing plugin started event for plugin PluginSearchWidget
2024-12-13T20:45:33.264+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.controller.DefaultController : Starting controller run.halo.app.plugin.DefaultReactiveSettingFetcher
2024-12-13T20:45:33.266+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : After publishing plugin started event for plugin PluginSearchWidget
2024-12-13T20:45:33.267+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Started plugin PluginSearchWidget
2024-12-13T20:45:33.275+08:00 INFO 6 --- [tingFetcher-t-1] r.h.a.e.controller.DefaultController : Controller worker run.halo.app.plugin.DefaultReactiveSettingFetcher-worker-1 started
2024-12-13T20:45:33.275+08:00 INFO 6 --- [tingFetcher-t-1] r.h.a.e.controller.RequestSynchronizer : Starting request(v1alpha1/ConfigMap) synchronizer...
2024-12-13T20:45:33.275+08:00 INFO 6 --- [tingFetcher-t-1] r.h.a.e.controller.RequestSynchronizer : Started request(v1alpha1/ConfigMap) synchronizer.
2024-12-13T20:45:33.292+08:00 WARN 6 --- [yReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.306+08:00 WARN 6 --- [yReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.315+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initializing setting and config map for plugin app-store-integration
2024-12-13T20:45:33.330+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized setting plugin-app-store-integration-setting for plugin app-store-integration
2024-12-13T20:45:33.341+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized config map plugin-app-store-integration-configmap for plugin app-store-integration
2024-12-13T20:45:33.349+08:00 WARN 6 --- [yReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.386+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.394+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving logo resource for plugin app-store-integration
2024-12-13T20:45:33.395+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving main.js and style.css for plugin app-store-integration
2024-12-13T20:45:33.407+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Starting plugin app-store-integration
2024-12-13T20:45:33.408+08:00 INFO 6 --- [nReconciler-t-1] org.pf4j.AbstractPluginManager : Enabled plugin '[email protected]'
2024-12-13T20:45:33.408+08:00 INFO 6 --- [nReconciler-t-1] org.pf4j.AbstractPluginManager : Start plugin '[email protected]'
2024-12-13T20:45:33.415+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Preparing starting plugin app-store-integration
2024-12-13T20:45:33.428+08:00 WARN 6 --- [yReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.476+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Application context run.halo.app.plugin.PluginApplicationContext@b8652ade, started on Fri Dec 13 20:45:33 CST 2024, parent: org.springframework.context.support.GenericApplicationContext@cfe4575e for plugin app-store-integration is created
2024-12-13T20:45:33.477+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Before publishing plugin starting event for plugin app-store-integration
2024-12-13T20:45:33.477+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : After publishing plugin starting event for plugin app-store-integration
2024-12-13T20:45:33.477+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Starting run.halo.appstore.AppStorePlugin@bb5056d4 for plugin app-store-integration
2024-12-13T20:45:33.516+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.index.IndexerFactoryImpl : Start building index for type: /registry/license.halo.run/activations, please wait...
2024-12-13T20:45:33.516+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.index.IndexerFactoryImpl : Index for type: /registry/license.halo.run/activations built successfully, cost 0 ms
2024-12-13T20:45:33.521+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Started run.halo.appstore.AppStorePlugin@bb5056d4 for plugin app-store-integration
2024-12-13T20:45:33.522+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : Before publishing plugin started event for plugin app-store-integration
2024-12-13T20:45:33.523+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.controller.DefaultController : Starting controller run.halo.app.plugin.DefaultReactiveSettingFetcher
2024-12-13T20:45:33.523+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.controller.DefaultController : Starting controller run.halo.appstore.license.ActivationReconciler
2024-12-13T20:45:33.527+08:00 INFO 6 --- [tingFetcher-t-1] r.h.a.e.controller.DefaultController : Controller worker run.halo.app.plugin.DefaultReactiveSettingFetcher-worker-1 started
2024-12-13T20:45:33.528+08:00 INFO 6 --- [tingFetcher-t-1] r.h.a.e.controller.RequestSynchronizer : Starting request(v1alpha1/ConfigMap) synchronizer...
2024-12-13T20:45:33.528+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.controller.DefaultController : Controller worker run.halo.appstore.license.ActivationReconciler-worker-1 started
2024-12-13T20:45:33.528+08:00 INFO 6 --- [tingFetcher-t-1] r.h.a.e.controller.RequestSynchronizer : Started request(v1alpha1/ConfigMap) synchronizer.
2024-12-13T20:45:33.531+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.controller.RequestSynchronizer : Starting request(license.halo.run/v1alpha1/Activation) synchronizer...
2024-12-13T20:45:33.531+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.e.controller.RequestSynchronizer : Started request(license.halo.run/v1alpha1/Activation) synchronizer.
2024-12-13T20:45:33.538+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.542+08:00 INFO 6 --- [nReconciler-t-1] run.halo.app.plugin.SpringPlugin : After publishing plugin started event for plugin app-store-integration
2024-12-13T20:45:33.543+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Started plugin app-store-integration
2024-12-13T20:45:33.548+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.557+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initializing setting and config map for plugin PluginSitemap
2024-12-13T20:45:33.569+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.576+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized setting sitemap-settings for plugin PluginSitemap
2024-12-13T20:45:33.579+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized config map sitemap-configMap for plugin PluginSitemap
2024-12-13T20:45:33.585+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.592+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving logo resource for plugin PluginSitemap
2024-12-13T20:45:33.593+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving main.js and style.css for plugin PluginSitemap
2024-12-13T20:45:33.594+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Starting plugin PluginSitemap
2024-12-13T20:45:33.594+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Started plugin PluginSitemap
2024-12-13T20:45:33.604+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.617+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.625+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initializing setting and config map for plugin PluginCommentWidget
2024-12-13T20:45:33.641+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized setting plugin-comment-widget-settings for plugin PluginCommentWidget
2024-12-13T20:45:33.646+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized config map plugin-comment-widget-configmap for plugin PluginCommentWidget
2024-12-13T20:45:33.655+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.660+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving logo resource for plugin PluginCommentWidget
2024-12-13T20:45:33.660+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving main.js and style.css for plugin PluginCommentWidget
2024-12-13T20:45:33.661+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Starting plugin PluginCommentWidget
2024-12-13T20:45:33.661+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Started plugin PluginCommentWidget
2024-12-13T20:45:33.670+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.686+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.693+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initializing setting and config map for plugin PluginFeed
2024-12-13T20:45:33.705+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized setting plugin-feed-setting for plugin PluginFeed
2024-12-13T20:45:33.712+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized config map plugin-feed-config for plugin PluginFeed
2024-12-13T20:45:33.720+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.725+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving logo resource for plugin PluginFeed
2024-12-13T20:45:33.726+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving main.js and style.css for plugin PluginFeed
2024-12-13T20:45:33.726+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Starting plugin PluginFeed
2024-12-13T20:45:33.727+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Started plugin PluginFeed
2024-12-13T20:45:33.736+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.751+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.756+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initializing setting and config map for plugin PluginSearchWidget
2024-12-13T20:45:33.770+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.776+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving logo resource for plugin PluginSearchWidget
2024-12-13T20:45:33.777+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving main.js and style.css for plugin PluginSearchWidget
2024-12-13T20:45:33.778+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Starting plugin PluginSearchWidget
2024-12-13T20:45:33.778+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Started plugin PluginSearchWidget
2024-12-13T20:45:33.801+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.819+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.826+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initializing setting and config map for plugin app-store-integration
2024-12-13T20:45:33.840+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized setting plugin-app-store-integration-setting for plugin app-store-integration
2024-12-13T20:45:33.848+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Initialized config map plugin-app-store-integration-configmap for plugin app-store-integration
2024-12-13T20:45:33.856+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.862+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving logo resource for plugin app-store-integration
2024-12-13T20:45:33.863+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Resolving main.js and style.css for plugin app-store-integration
2024-12-13T20:45:33.863+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Starting plugin app-store-integration
2024-12-13T20:45:33.863+08:00 INFO 6 --- [nReconciler-t-1] r.h.a.core.reconciler.PluginReconciler : Started plugin app-store-integration
2024-12-13T20:45:33.873+08:00 WARN 6 --- [nReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
2024-12-13T20:45:33.887+08:00 WARN 6 --- [yReconciler-t-1] io.r2dbc.h2.H2Connection : Option{name='readOnly', sensitive=false} + isn't supported in H2 at the transaction level. You must set it on conenction URL. See http://www.h2database.com/html/features.html#read_only
附加信息
No response
是否是直接访问 Halo 访问?如果不是,建议绕过反向代理,直接访问端口看看是否能复现,如果不能复现,建议在 1Panel 或者反向代理排查问题。这个问题的原因可能是在传输过程中,CSRF Token 没有给到 Halo。
不知道你是怎么配置的,看错误你应该是使用的H2数据库,另外2c2g建议安装Postgresql,MySQL内存占用太大了
这个 H2 的日志不会影响访问,只是警告。不过上面说的是使用的 MySQL,估计配置有问题。
@dnwwdwd 是否是在 1Panel 应用商店安装的 Halo?如果是,不应该会使用 H2。
是否是直接访问 Halo 访问?如果不是,建议绕过反向代理,直接访问端口看看是否能复现,如果不能复现,建议在 1Panel 或者反向代理排查问题。这个问题的原因可能是在传输过程中,CSRF Token 没有给到 Halo。
您好,我刚换了pgsql还是出现了这个问题,用的是1Panel面板安装的halo,并没有使用反向代理,我是通过ip:端口/console访问后台的,其在控制台报了这个错误。难道是不可通过ip地址访问后台接口吗?如果您有时间可以帮忙看看吗,谢谢了。