Top Menu

Jump to content
Home
    • Projects
    • Work packages
    • News
    • Getting started
    • Introduction video
      Welcome to OpenProject Community
      Get a quick overview of project management and team collaboration with OpenProject. You can restart this video from the help menu.
    • Help and support
    • User guides
    • Videos
    • Shortcuts
    • Community forum
    • Professional support
    • Additional resources
    • Data privacy and security policy
    • Digital accessibility (DE)
    • OpenProject website
    • Security alerts / Newsletter
    • OpenProject blog
    • Release notes
    • Report a bug
    • Development roadmap
    • Add and edit translations
    • API documentation
  • Sign in
      Forgot your password?
      Create a new account

      or sign in with your existing account

      Google

Side Menu

  • Overview
  • Activity
  • Roadmap
  • Work packages
  • Calendars
  • Team planners
  • Boards
  • Forums
  • Wiki
    • Table of contents
      • Expanded. Click to collapseCollapsed. Click to showDeveloper
        • Hierarchy leafAccessibility Checklist
        • Hierarchy leafCode Review Guidelines
        • Expanded. Click to collapseCollapsed. Click to showContribution
          • Hierarchy leafGit Workflow
          • Hierarchy leafTranslations
        • Expanded. Click to collapseCollapsed. Click to showDeveloping Plugins
          • Hierarchy leafDeveloping an OmniAuth Authentication Plugin
        • Hierarchy leafRelease Process
        • Hierarchy leafReport a bug
        • Hierarchy leafSecurity
        • Hierarchy leafSetting up an OpenLDAP server for testing
        • Hierarchy leafTheme Features
      • Hierarchy leafDownload
      • Expanded. Click to collapseCollapsed. Click to showFeature tour
        • Hierarchy leafRelease Notes OpenProject 30
        • Expanded. Click to collapseCollapsed. Click to showRelease Notes OpenProject 30 - Overview
          • Hierarchy leafGlossary
          • Hierarchy leafRelease Notes - Accessibility
          • Hierarchy leafRelease Notes - Accessibility changes
          • Hierarchy leafRelease Notes - Add work package queries as menu items to sidebar
          • Hierarchy leafRelease Notes - Copy projects based on Templates
          • Hierarchy leafRelease Notes - Design changes
          • Hierarchy leafRelease Notes - Fixed Bugs
          • Hierarchy leafRelease Notes - Keyboard Shortcuts
          • Hierarchy leafRelease Notes - Project settings
          • Hierarchy leafRelease Notes - Ruby&Rails Update
          • Hierarchy leafRelease Notes - Security
          • Hierarchy leafRelease Notes - Timelines
          • Hierarchy leafRelease Notes - Work packages
      • Hierarchy leafHowto create animated gifs
      • Hierarchy leafMigration Squashing
      • Hierarchy leafMod security
      • Hierarchy leafNew work package page
      • Hierarchy leafOP3 to OP4 Debian upgrade
      • Hierarchy leafOP4 Ubuntu1404 Stable with MySQL in production
      • Hierarchy leafOpenProject 40 Development Setup
      • Expanded. Click to collapseCollapsed. Click to showOpenProject Foundation
        • Hierarchy leafBoards
        • Hierarchy leafMembers
        • Hierarchy leafOPF-Meetings
        • Hierarchy leafStatutes
      • Expanded. Click to collapseCollapsed. Click to showRelease Notes
        • Hierarchy leafOpenProject released on Bitnami
      • Expanded. Click to collapseCollapsed. Click to showRelease Notes OpenProject 40 - Overview
        • Hierarchy leafRelease Notes OpenProject 40 - Accessibility improvements
        • Hierarchy leafRelease Notes OpenProject 40 - Column header functions in work package table
        • Hierarchy leafRelease Notes OpenProject 40 - Improved Design
        • Hierarchy leafRelease Notes OpenProject 40 - Integrated query title on work package page
        • Hierarchy leafRelease Notes OpenProject 40 - Integrated toolbar on work package page
        • Hierarchy leafRelease Notes OpenProject 40 - OmniAuth integration for OpenProject
        • Hierarchy leafRelease Notes OpenProject 40 - Work package details pane
      • Expanded. Click to collapseCollapsed. Click to showSecurity and privacy
        • Hierarchy leafFAQ
      • Expanded. Click to collapseCollapsed. Click to showSupport
        • Expanded. Click to collapseCollapsed. Click to showDownload and Installation
          • Hierarchy leafInstallation MacOS
          • Expanded. Click to collapseCollapsed. Click to showInstallation OpenProject 3 0
            • Hierarchy leafDebian Stable with MySQL in production
            • Hierarchy leafInstallation Ubuntu
            • Hierarchy leafInstallation Windows
            • Hierarchy leafInstallation on Centos 65 x64 with Apache and PostgreSQL 93
          • Expanded. Click to collapseCollapsed. Click to showInstallation OpenProject 40
            • Hierarchy leafOP4 Debian Stable with MySQL in production
          • Expanded. Click to collapseCollapsed. Click to showMigration paths
            • Hierarchy leafFrom Chilliproject to OpenProject
            • Hierarchy leafMigration 15 to 30
            • Hierarchy leafMigration 24 to 30
            • Hierarchy leafMigration Redmine 2x › OpenProject 30
            • Hierarchy leafOpenProject 3 Migration
          • Hierarchy leafOpenProject 40
        • Expanded. Click to collapseCollapsed. Click to showNews
          • Hierarchy leafNew OpenProject Translations Plugin
          • Hierarchy leafNew Plugin on OpenProjectorg Local Avatars
          • Hierarchy leafNew design for OpenProject
          • Hierarchy leafNews Accessibility workshop for OpenProject
          • Hierarchy leafNews Glossary for OpenProject
          • Hierarchy leafNews Heartbleed fixed
          • Hierarchy leafNews Icon Fonts
          • Hierarchy leafNews OpenProject 30 Release
          • Hierarchy leafNews Release GitHub Integration Plugin
          • Hierarchy leafNews Success Story Deutsche Telekom
          • Hierarchy leafNews Timelines
          • Hierarchy leafOpenProject 3013 released
          • Hierarchy leafOpenProject 3017 released
          • Hierarchy leafOpenProject 40 released
          • Hierarchy leafOpenProject 40 will be coming soon
          • Hierarchy leafOpenProject 405 released
          • Hierarchy leafOpenProject and pkgrio
          • Hierarchy leafOpenProject news moved to a new blog
          • Hierarchy leafOpenProjectBitnami
          • Hierarchy leafPackager version with plugins released ("Community edition")
          • Hierarchy leafRegistration OpenProject-Foundation
          • Hierarchy leafRelease OpenProject AuthPlugins
          • Hierarchy leafUpdates on OpenProject
          • Hierarchy leafWe need your feedback for the the new fullscreen view for work packages
        • Hierarchy leafOpenProject Plug-Ins
      • Expanded. Click to collapseCollapsed. Click to showWiki
        • Hierarchy leaf2nd Level Support
You are here:
  • Forums
  • Support Installation & Updates

Content

ubuntu 18.04 getting error 422 crsf after switching from https to http

Added by Jānis Roze about 2 years ago

I am having problems. I had Openproject configured with ssl but then after my managment said they want to switch to http. I reconfigured Openproject to run without ssl. But now many systems but not all get the 

[Error 422] Unable to verify Cross-Site Request Forgery token.

Maybe I am missing something. What would be all the steps from switching from https config to http?

Many thanks for your reply.


Replies (2)

RE: ubuntu 18.04 getting error 422 crsf after switching from https to http - Added by Oliver Günther about 2 years ago

Hi Jänis,

either your OpenProject or your external server is still terminating SSL or treating the request as HTTPS.

If OpenProject assumes the request is HTTPS, it will output cookies with a flag that prohibits them from being sent outside HTTPS. If your connection is now non-SSL, the cookie gets lost and you end up with the error you're seeing.

Please run openproject reconfigure and unset the SSL configuration. Then, ensure that openproject config does not contain any of these:

  • SERVER_PROTOCOL_HTTPS_NO_HSTS=true
  • SERVER_PROTOCOL_FORCE_HTTPS=true
  • SERVER_PROTOCOL=https
  • OPENPROJECT_RAILS__FORCE__SSL=true

Also, test that the protocol is not https:

openproject run bundle exec rails runner "puts Setting.protocol" should yield 'http'.

Best

Oliver

RE: ubuntu 18.04 getting error 422 crsf after switching from https to http - Added by Jānis Roze about 2 years ago

Oliver Günther wrote:

Hi Jänis,

either your OpenProject or your external server is still terminating SSL or treating the request as HTTPS.

If OpenProject assumes the request is HTTPS, it will output cookies with a flag that prohibits them from being sent outside HTTPS. If your connection is now non-SSL, the cookie gets lost and you end up with the error you're seeing.

Please run openproject reconfigure and unset the SSL configuration. Then, ensure that openproject config does not contain any of these:

  • SERVER_PROTOCOL_HTTPS_NO_HSTS=true
  • SERVER_PROTOCOL_FORCE_HTTPS=true
  • SERVER_PROTOCOL=https
  • OPENPROJECT_RAILS__FORCE__SSL=true

Also, test that the protocol is not https:

openproject run bundle exec rails runner \"puts Setting.protocol\" should yield 'http'.

Best

Oliver

Many thanks @Oliver for your response. Cannot overstate how greatful I am.

I did what you told me.

Here is the output:

root@jr:~# openproject config
ADMIN_EMAIL=janis.roze@autokada.lv
APP_GROUP=openproject
APP_HOME=/opt/openproject
APP_NAME=openproject
APP_RUNNER_CLI=systemctl
APP_RUNNER_TYPE=systemd
APP_SAFE_NAME=openproject
APP_USER=openproject
APP_WIZARDS=legacy-installer,openproject-edition,postgres,apache2,repositories,smtp,memcached,openproject
ATTACHMENTS_STORAGE_PATH=/var/db/openproject/files
DATABASE_URL=postgres://openproject:ZQO6wB0KOOsumQZt4anvWjrRW7taAUiB@127.0.0.1:45432/openproject
EMAIL_DELIVERY_METHOD=smtp
EXECJS_RUNTIME=Node
GEM_PATH=/opt/openproject/vendor/bundle/ruby/2.7.0:
GIT_REPOSITORIES=
HOME=/home/openproject
HOST=127.0.0.1
LANG=en_US.UTF-8
MALLOC_ARENA_MAX=2
MEMORY_AVAILABLE=14336
NODE_ENV=production
NODE_HOME=/opt/openproject/.heroku/node
OLDPWD=/
OPENPROJECT_INSTALLATION__TYPE=packager
OPENPROJECT_SMTP__OPENSSL__VERIFY__MODE=none
OPENPROJECT_WEB_WORKERS=5
ORIGINAL_PWD=/root
PATH=bin:/opt/openproject/vendor/bundle/bin:/opt/openproject/vendor/bundle/ruby/2.7.0/bin:/opt/openproject/.heroku/node/bin:/opt/openproject/.heroku/yarn/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/sbin:/opt/openproject/bin:/opt/openproject/node_modules/.bin
PORT=6000
PWD=/opt/openproject
RACK_ENV=production
RAILS_CACHE_STORE=file_store
RAILS_ENV=production
RAILS_LOG_TO_STDOUT=enabled
RAILS_SERVE_STATIC_FILES=enabled
ROOT_PATH=/
SECRET_KEY_BASE=ca650da76072ed6ebedc3f96db013a59c023a308228d340106abf8ad24487409a44e805a82ce99f73795922af4798b9125592f4d066e284839c47f8b2d6b2ad8
SECRET_TOKEN=ca650da76072ed6ebedc3f96db013a59c023a308228d340106abf8ad24487409a44e805a82ce99f73795922af4798b9125592f4d066e284839c47f8b2d6b2ad8
SERVER_GROUP=www-data
SERVER_HOSTNAME=jr.aknet.local
SERVER_PATH_PREFIX=/
SERVER_PATH_PREFIX_PREVIOUS=/
SERVER_PROTOCOL=http
SERVER_USER=www-data
SHLVL=0
SMTP_AUTHENTICATION=login
SMTP_DOMAIN=
SMTP_ENABLE_STARTTLS_AUTO=true
SMTP_HOST=zm.aknet.eu
SMTP__OPENSSL__VERIFY__MODE=none
SMTP_OPENSSL_VERIFY_MODE=none
SMTP_PASSWORD=0991AkubazD
SMTP_PORT=587
SMTP_SSL=true
SMTP_URL=smtp://janis.roze%40autokada.lv:0991AkubazD@zm.aknet.eu:587/
SMTP_USERNAME=janis.roze@autokada.lv
SVN_REPOMAN_TOKEN=OnMQcAKnLXxl2Dak9W2EOODMvZsfxmH5
SVN_REPOMAN_URL=http://127.0.0.1/repoman_svn
SVN_REPOSITORIES=
SYS_API_KEY=U8F78J24G9yp6AXe5G0qcKAPuFG6rT2n
WEB_CONCURRENCY=4
WEB_MEMORY=512
WEB_TIMEOUT=300
root@jr:~# openproject run bundle exec rails runner "puts Setting.protocol"
http

But still I am experiencing the same error! The thing is weird:

PC1:

  • chrome: ok
  • Vivaldi: not ok
  • Vivaldi in private: ok
  • Firefox: ok

PC2(not connected to the system ever before):

  • chrome: not ok
  • Firefox: not ok

It seems random thats why I cannot pinpoint the problem.

  • (1 - 2/2)
Loading...