[Archivesspace_Users_Group] error on v2.2.0 PUI print PDF: InvalidAuthenticityToken

Majewski, Steven Dennis (sdm7g) sdm7g at virginia.edu
Tue Jan 23 17:46:15 EST 2018


Also discovered that PDF print thru SSL proxy does work in Firefox after googling “authenticity token proxy ssl” 
and seeing title of this Rails issue:

 CSRF protection prevents some webkit users from submitting forms · Issue #21948 · rails/rails <https://github.com/rails/rails/issues/21948>

I’ve been seeing the bug in Safari, and you’ve been seeing it in Chrome. Both, I believe, are webkit based.

Long discussion thread that I haven’t digested yet, so I’m not sure if that is the problem here. 
That same google search brings up some other issues that may be related to not passing all of the headers thru proxy. 

https://github.com/rails/rails/issues/22965 <https://github.com/rails/rails/issues/22965>


— Steve M. 



> On Jan 23, 2018, at 5:15 PM, Majewski, Steven Dennis (sdm7g) <sdm7g at virginia.edu> wrote:
> 
> 
> Thanks. Yes: I’m still seeing the problem. No: no solution so far. 
> The fact that I was only seeing it on production limited my ability to debug. 
> Now that you’ve found it’s linked to SSL proxy, I will try to set up test machines to reproduce the problem.  
> 
> — Steve. 
> 
> 
> 
>> On Jan 23, 2018, at 4:25 PM, Chelsea Lobdell <clobdel1 at swarthmore.edu <mailto:clobdel1 at swarthmore.edu>> wrote:
>> 
>> Update: we were able to identify that this error was happening only when running the application over SSL. Accessing the site over non-SSL allowed the print function to work. 
>> 
>> - Chelsea
>> 
>> ---------------
>> Chelsea Lobdell
>> Library Web Developer/ Swarthmore College
>> clobdel1 at swarthmore.edu <mailto:clobdel1 at swarthmore.edu> / (610)690-6818
>> 
>> On Tue, Jan 23, 2018 at 3:45 PM, Chelsea Lobdell <clobdel1 at swarthmore.edu <mailto:clobdel1 at swarthmore.edu>> wrote:
>> Hi Aspace! 
>> 
>> I saw this post on the user group but was not able to find the thread in my email so I apologize for replying off thread. 
>> 
>> We are seeing this same error and we are running v.2.2.2 However, the error seems to be browser specific as it only happens in Chrome. Here's the log output: 
>> 
>> Jan 23, 2018 3:32:31 PM org.eclipse.jetty.server.handler.ContextHandler$Context log
>> INFO: W, [2018-01-23T15:32:31.474750 #21127]  WARN -- : [e1415e7e-47c5-4776-893f-cb5a7b33a4d9] Can't verify CSRF token authenticity.
>> 
>> Jan 23, 2018 3:32:31 PM org.eclipse.jetty.server.handler.ContextHandler$Context log
>> INFO: I, [2018-01-23T15:32:31.478068 #21127]  INFO -- : [e1415e7e-47c5-4776-893f-cb5a7b33a4d9] Completed 422 Unprocessable Entity in 6ms
>> 
>> Jan 23, 2018 3:32:31 PM org.eclipse.jetty.server.handler.ContextHandler$Context log
>> INFO: F, [2018-01-23T15:32:31.485699 #21127] FATAL -- : [e1415e7e-47c5-4776-893f-cb5a7b33a4d9]
>> 
>> Jan 23, 2018 3:32:31 PM org.eclipse.jetty.server.handler.ContextHandler$Context log
>> INFO: F, [2018-01-23T15:32:31.486567 #21127] FATAL -- : [e1415e7e-47c5-4776-893f-cb5a7b33a4d9] ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
>> 
>> Jan 23, 2018 3:32:31 PM org.eclipse.jetty.server.handler.ContextHandler$Context log
>> INFO: F, [2018-01-23T15:32:31.487220 #21127] FATAL -- : [e1415e7e-47c5-4776-893f-cb5a7b33a4d9]
>> 
>> Steve, were you ever able to find a solution for this? Has anybody else encountered this error when trying to print a PDF of a collection in Chrome? 
>> 
>> Thanks, 
>> Chelsea
>> ---------------
>> Chelsea Lobdell
>> Library Web Developer/ Swarthmore College
>> clobdel1 at swarthmore.edu <mailto:clobdel1 at swarthmore.edu> / (610)690-6818 <tel:(610)%20690-6818>
>> _______________________________________________
>> Archivesspace_Users_Group mailing list
>> Archivesspace_Users_Group at lyralists.lyrasis.org <mailto:Archivesspace_Users_Group at lyralists.lyrasis.org>
>> http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group
> 
> _______________________________________________
> Archivesspace_Users_Group mailing list
> Archivesspace_Users_Group at lyralists.lyrasis.org
> http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20180123/1ba3c6bf/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4943 bytes
Desc: not available
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20180123/1ba3c6bf/attachment.bin>


More information about the Archivesspace_Users_Group mailing list