planetary-ios icon indicating copy to clipboard operation
planetary-ios copied to clipboard

Published 20 hours ago verified publisher icon planetary-social

Fix CSRF Error on Planetary.name

Open mplorentz opened this issue 1 year ago • 2 comments

Steps to reproduce:

  1. Launch Planetary from a device that hasn't joined the Planetary.name room yet.
  2. Navigate to Settings -> Aliases -> Register new Alias
  3. Tap "Join Planetary.name room" Expected: the room is joined successfully Actual: an error message is displayed

The underlying error message from the server is "CSRF token invalid".

mplorentz avatar Oct 07 '22 21:10 mplorentz

Maybe we need to initialize a cookie store for this flow in the iOS code. But also maybe this is a bug in the server code because I thought CSRF cookies should only be set if you are signed in, and you don't have to be signed in for invitation redemption.

mplorentz avatar Oct 07 '22 21:10 mplorentz

Also maybe this is an error added to ssbc/go-ssb-room between when we added the magic token thing and the HEAD of master on planetary-social/go-ssb-room

mplorentz avatar Oct 07 '22 21:10 mplorentz

This is not the case anymore. We suspect that an older version of the room code may have been incorrectly deployed.

boreq avatar Nov 08 '22 18:11 boreq