Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0055012
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformmajoralways2024-03-20 14:142024-04-09 09:27
Reporternicola_uvaView Statuspublic 
Assigned Tomeriem_azaf 
PriorityimmediateResolutionfixedFixed in VersionPR24Q3
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Versionpi
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionpiSCM revision 
Review Assigned To
Web browser
ModulesCore
Regression levelQA functional test
Regression date2024-02-26
Regression introduced in releasepi
Regression introduced by commithttps://gitlab.com/openbravo/product/openbravo/-/commit/01c9d899e4fab5431f3ab1d2d87c92297fcf464d [^]
Triggers an Emergency PackNo
Summary

0055012: Business API Data Load window: Not possible to load the data - InvalidCSRFToken

DescriptionIs not possible load data through the Business API Data Load window. An InvalidCSRFToken error message is showed in the log.
Steps To Reproduce1) go to https://livebuilds.openbravo.com/context/retail_pos2_modules_pgsql [^]
2) open the window Business API Data Load
3) select the entity you want to load (e.i Gifcard) and load the csv file
4) click "Done" button -> an ERROR is showed. See the log attached
TagsNo tags attached.
Attached Fileslog file icon InvalidCSRFToken.log [^] (6,612 bytes) 2024-03-20 14:14

- Relationships Relation Graph ] Dependency Graph ]
depends on backport 0055126PR24Q2 closedmeriem_azaf Business API Data Load window: Not possible to load the data - InvalidCSRFToken 
caused by defect 0051321 closedjarmendariz Improve CSRF coverage to cover some missing POST requests 
causes defect 0055542 closedTriage Platform Base Error when trying to import data from CSV file to an entity with the Business API Data Load process 

-  Notes
(0162533)
AugustoMauch (administrator)
2024-03-22 09:16
edited on: 2024-03-22 09:19

Missing csrfToken in request: add [1] here [2]

[1] formData.append('csrfToken', OB.User.csrfToken)

[2] https://gitlab.com/openbravo/product/openbravo/-/blob/master/modules/org.openbravo.client.application/web/org.openbravo.client.application/js/process/ob-parameter-window-view.js?ref_type=heads#L490 [^]

(0162544)
hgbot (developer)
2024-03-22 11:05

Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/1178 [^]
(0162951)
hgbot (developer)
2024-04-09 09:27

Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/1178 [^]
(0162952)
hgbot (developer)
2024-04-09 09:27

Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: 7aecbb28ae54e0cdbdd3570a064a4f54c521b33e
Author: Meriem Azaf <m.azaf@orisha.com>
Date: 09-04-2024 07:27:13
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/7aecbb28ae54e0cdbdd3570a064a4f54c521b33e [^]

Fixes ISSUE-0055012: Problem in loading the data in BUsiness API Data Load window

Problem in loading data through the Business API Data Load window. An InvalidCSRFToken error message is showed in the log.

The problem is that now we are checking that the csrfToken parameter of POST requests, but we missed to include the CSRF token in one of them. So we include it.

---
M modules/org.openbravo.client.application/web/org.openbravo.client.application/js/process/ob-parameter-window-view.js
---

- Issue History
Date Modified Username Field Change
2024-03-20 14:14 nicola_uva New Issue
2024-03-20 14:14 nicola_uva Assigned To => Triage Platform Base
2024-03-20 14:14 nicola_uva File Added: InvalidCSRFToken.log
2024-03-20 14:14 nicola_uva Modules => Core
2024-03-20 14:14 nicola_uva Triggers an Emergency Pack => No
2024-03-20 14:17 alostale Assigned To Triage Platform Base => Triage Platform Conn
2024-03-22 09:15 AugustoMauch Regression level => QA functional test
2024-03-22 09:15 AugustoMauch Regression date => 2024-02-26
2024-03-22 09:15 AugustoMauch Regression introduced in release => pi
2024-03-22 09:15 AugustoMauch Regression introduced by commit => https://gitlab.com/openbravo/product/openbravo/-/commit/01c9d899e4fab5431f3ab1d2d87c92297fcf464d [^]
2024-03-22 09:16 AugustoMauch Note Added: 0162533
2024-03-22 09:16 AugustoMauch Assigned To Triage Platform Conn => meriem_azaf
2024-03-22 09:19 AugustoMauch Note Edited: 0162533 View Revisions
2024-03-22 11:05 hgbot Note Added: 0162544
2024-03-22 11:35 alostale Relationship added caused by 0051321
2024-04-08 14:04 meriem_azaf Status new => scheduled
2024-04-09 09:27 hgbot Note Added: 0162951
2024-04-09 09:27 hgbot Resolution open => fixed
2024-04-09 09:27 hgbot Status scheduled => closed
2024-04-09 09:27 hgbot Fixed in Version => PR24Q3
2024-04-09 09:27 hgbot Note Added: 0162952
2024-05-21 17:04 caristu Relationship added causes 0055542


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker