Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #42986 "Your request is invalid, please try again" : form is cleared
    Actions
    Infos
    #42986
    Clément Gayot (clementg)
    2025-05-14 15:00
    2025-05-14 10:37
    44678
    Details
    "Your request is invalid, please try again" : form is cleared

    When a form could not be submitted (for example, due to an invalid CSRF token), the form is cleared. It would be more appropriate for the form to remain filled with the values that were submitted before the form was sent.

    Trackers
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Declined
    Empty
    Attachments
    Empty
    References
    Display settings

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2025-05-14 15:00

    The only case where it can happen with the current design is when the user session has changed (after re-login for example). As we need to tie the changes to a specific session context there is no good way to work around this one.

    I understand that the form wasn't submitted because of the CSRF token. Wouldn't saving the form data in sessionStorage on submit be a viable option? It would allow the data to be reused in case of a CSRF failure, while still maintaining security.

    You cannot trust the received data so no you cannot use it as is.

    Storing data and then restore it is also not a trivial task in the tracker artifact view as you have to account for workflows/field deps and the overall code design of this page does not make it possible. This specific error is also only a small part of a wider issue: artifact update can fail for a lot of reasons and the tracker artifact view does not handle it gracefully.

    Declining this specific issue as it is a duplicate of request #18318

    • Status changed from Waiting for information to Declined
    User avatar
    Clément Gayot (clementg)2025-05-14 14:14

    It was on my.enalean today. I had a tab open since the day before with a message. When I completed it and submitted it today, the form was cleared (so I lost my current work).

    I understand that the form wasn't submitted because of the CSRF token. Wouldn't saving the form data in sessionStorage on submit be a viable option? It would allow the data to be reused in case of a CSRF failure, while still maintaining security.

    User avatar
    Thomas Gerbet (tgerbet)2025-05-14 10:48

    Did you encounter a situation where this happened on a recent dev version?

    It would be more appropriate for the form to remain filled with the values that were submitted before the form was sent.

    This error is shown when the CSRF protection mechanism is triggered so no keeping submitted content in this situation is not appropriate.

    • Status changed from New to Waiting for information