This repository was archived by the owner on May 9, 2023. It is now read-only.
Password prompt while browsing or error while uploading assets #2539
Description
Describe the bug
While browsing the asset library it can happen to show a password prompt just by changing the directory.
Also it can happen to show an "Unauthorized" error when a file is being uploaded.
TLDR: For me it looks like the amount of requests to /cp/assets/thumbnails/... to show thumbnails set a lot of cookies with different xsrf tokens which leads to session "corruption" (UI having outdated xsrf token)
To Reproduce
Steps to reproduce the behavior:
- Go to 'Assets'
- Click on a directory
- Maybe go back to the parent directory
- See prompt asking for the password
It helps to have a lot of images in the directories.
Expected behavior
It just works without asking for the password.
Environment details (please complete the following information):
- Statamic Version 2.11.21
- OS: Ubuntu 18.04
- Browser: Chrome
- Web Server: nginx
- PHP Version: 7.2
- Addons installed: some
Additional context
Prompt during browse is caused by an error on the POST /cp/assets/browse request.
{
"exception":"TokenMismatchException",
"redirect":"https:\/\/---redacted---\/cp\/auth\/login?expired=1&referer=%2Fcp%2Fassets%2Fbrowse%2Fimg"
}