Surface stale token errors, e.g. "Please refresh your page" |
||||||
Issue descriptionTrying to paste in "665616" I see a red "Error" today. Also trying to unlink a bug by clicking the x in the bug tile doesn't do anything except give MD feedback.
,
Nov 15 2016
From looking at the logs, it looks like you need to refresh your page. Your xrsf token expired, and so our server starts rejecting your requests. We should surface this information better.
,
Nov 15 2016
Perhaps we should add a full page autorefresh timed a bit before the XRSF token expire time?
,
Nov 15 2016
That totally fits what I saw.
,
Nov 15 2016
The periodic updates to issues that you're currently doing is really nice, BTW. It lets the sheriff just leave the page open at tab 1 and working off of it all day.
,
Nov 15 2016
Asking the user to make a full page refresh is suboptimal. Monorail has an ajax wrapper that attempts to auto-refresh the xsrf token under the hood when the server returns an unauthorized response code. We should do something similar.
,
Nov 23 2016
Issue 668210 has been merged into this issue.
,
Nov 23 2016
I'll take a look at this.
,
Nov 23 2016
Thanks Stephen! Here's the relevant code from Monorail you can use as an example. The js client has a function to silently refresh xsrf tokens so you can always just call CS_doPost() and be done with it: https://cs.chromium.org/chromium/infra/appengine/monorail/static/js/framework/framework-ajax.js?l=44 And the server action it uses to do the refresh: https://cs.chromium.org/chromium/infra/appengine/monorail/framework/tokenrefresh.py?l=24 Something similar in Go should be pretty straightforward.
,
Nov 23 2016
,
Nov 28 2016
The following revision refers to this bug: https://chromium.googlesource.com/infra/infra.git/+/1f968728d1e0de1acd5343fd37550d5ede5474ed commit 1f968728d1e0de1acd5343fd37550d5ede5474ed Author: Stephen Martinis <martiniss@chromium.org> Date: Wed Nov 23 23:46:43 2016 SOM: Refresh xsrf token on post error BUG= 665617 Change-Id: If8f6c2d0b47359a97473252886f3ada8e1f72a3e Reviewed-on: https://chromium-review.googlesource.com/414428 Reviewed-by: Sean McCullough <seanmccullough@chromium.org> Commit-Queue: Stephen Martinis <martiniss@chromium.org> [modify] https://crrev.com/1f968728d1e0de1acd5343fd37550d5ede5474ed/go/src/infra/appengine/sheriff-o-matic/elements/som-annotation-manager-behavior.html [modify] https://crrev.com/1f968728d1e0de1acd5343fd37550d5ede5474ed/go/src/infra/appengine/sheriff-o-matic/elements/som-annotations.html [modify] https://crrev.com/1f968728d1e0de1acd5343fd37550d5ede5474ed/go/src/infra/appengine/sheriff-o-matic/som/main.go [modify] https://crrev.com/1f968728d1e0de1acd5343fd37550d5ede5474ed/go/src/infra/appengine/sheriff-o-matic/test/som-annotations-test.html
,
Nov 28 2016
This will go out in tomorrow's weekly release. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by donnd@chromium.org
, Nov 15 2016