Contrib.social

Cannot ajax-ban IPv6 addresses - AccessDeniedHttpException: 'dblog_ban_csrf_ajax_token' URL query argument is invalid

Open on Drupal.org β†’
Created on 3 February 2023, over 1 year ago
Updated 17 November 2023, 8 months ago

Problem/Motivation

While browsing the database logs of a website I maintain, running drupal-10.0.2 and dblog_ban-2.0.1, I tried banning some IPv6 addresses, but the ban link didn't change to an unban link. Refreshing the database log showed "access denied" entries, with the following message:

Path: /dblog_ban/ajax/ban/AN_IPV6_ADDRESS_HERE?destination=/admin/reports/dblog%3Fpage%3D2&token=A_TOKEN_HERE&_wrapper_format=drupal_ajax. Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException: 'dblog_ban_csrf_ajax_token' URL query argument is invalid. in Drupal\Core\Routing\AccessAwareRouter->checkAccess() (line 115 of /code/web/core/lib/Drupal/Core/Routing/AccessAwareRouter.php).

... so it seems like a regular token got added to the URL; but the dblog_ban_csrf_ajax_token token was not added?

Steps to reproduce

(to be done)

Proposed resolution

(to be determined)

Remaining tasks

(to be determined)

User interface changes

(to be determined)

API changes

(to be determined)

Data model changes

(to be determined)

πŸ› Bug report
Status

Needs review

Version

2.0

Component

Code

Created by

πŸ‡¨πŸ‡¦Canada mparker17 UTC-4

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024