View Issue Details

IDProjectCategoryView StatusLast Update
0004139SOGoWeb Generalpublic2022-03-30 16:01
Reporterskrupellos Assigned Tofrancis  
Status resolvedResolutionfixed 
Product Version3.2.8 
Fixed in Version4.0.0 
Summary0004139: Changing password leads to XSRF validation fails

After a user changes their password via the web interface and logs in again, "Request failed" messages appear in the top right corner, if XSRF validation is enabled.

Steps To Reproduce

1) sogo.conf
SOGoPasswordChangeEnabled = "YES";
SOGoXSRFValidationEnabled = "YES";

2) Go to your user preferences -> General -> Password

3) Change your password

4) Logout

5) Login

Additional Information

This is cause since there are now two XSRF-TOKEN in the cookies file. After deleting the first XSRF-TOKEN cookie, everything works again.

TagsNo tags attached.


has duplicate 0003997 resolved Password change, GUI - Request failed, LOG - got 2 values for cookie XSRF-TOKEN 




2017-09-12 14:09

reporter   ~0012287


I'm having the exact same problem everytime I change password.
The authentication backend is a LDAP server.


Related Changesets

sogo: master 789398bd

2017-09-19 09:44


Details Diff
(web) Fix XSRF cookie path when changing password

Fixes 0004139
Affected Issues
mod - NEWS Diff File
mod - UI/MainUI/SOGoRootPage.m Diff File

Issue History

Date Modified Username Field Change
2017-04-09 16:35 skrupellos New Issue
2017-09-12 14:09 Kyoshiro-san Note Added: 0012287
2017-09-19 13:45 francis Changeset attached => sogo master 789398bd
2017-09-19 13:45 francis Assigned To => francis
2017-09-19 13:45 francis Resolution open => fixed
2017-09-19 13:45 francis Status new => resolved
2017-09-19 13:45 francis Fixed in Version => 4.0.0
2022-03-30 16:01 Christian Mack Relationship added has duplicate 0003997