Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted. You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.org http://www.linux.codehelp.co.uk/
Added a little from previous email ,resend:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.org http://www.linux.codehelp.co.uk/
Please, try this: CSRF protection
In case of CSRF errors when logging in Lava, read this https://staging.validation.linaro.org/static/docs/v2/installing_on_debian.html#django-localhost .
Set *CSRF_COOKIE_SECURE* and *SESSION_COOKIE_SECURE* to *false* in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava *gunicorn* server:
sudo service lava-server-gunicorn restart
_______
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend: I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/ static/docs/v2/installing_on_debian.html#using-localhost- or-non-https-instance-url
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams
neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>> http://you.163.com/item/detail?id=1092001&from=web_gg_mail_jiaobiao_7
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
I had made this change in /etc/lava-server/settings.conf, but no changes in result.
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this:
CSRF protection
In case of CSRF errors when logging in Lava, read this.
Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to false in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava gunicorn server:
sudo service lava-server-gunicorn restart
_______
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>>
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
Did you restart gunicorn?
sudo service lava-server-gunicorn restart
After restart try again!?
_______
Last resort: CSRF checks are implemented in this (?) code (from my colleague, who also investigated this problem):
/srv/kernelci-frontend/app/dashboard/__init__.py
It is out of desperation... Sometimes desperation can do good things!? :-(
Zoran
On Mon, Aug 6, 2018 at 11:26 AM, ljh_dev ljh_dev@126.com wrote:
I had made this change in /etc/lava-server/settings.conf, but no changes in result.
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this: CSRF protection
In case of CSRF errors when logging in Lava, read this https://staging.validation.linaro.org/static/docs/v2/installing_on_debian.html#django-localhost .
Set *CSRF_COOKIE_SECURE* and *SESSION_COOKIE_SECURE* to *false* in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava *gunicorn* server:
sudo service lava-server-gunicorn restart
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend: I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/ static/docs/v2/installing_on_debian.html#using-localhost-or- non-https-instance-url
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams
neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>> http://you.163.com/item/detail?id=1092001&from=web_gg_mail_jiaobiao_7
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
I certainly excuted sudo service lava-server-gunicorn restart. Even including restart computer. And In setting.conf,config item add quotation or not both tried: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false or CSRF_COOKIE_SECURE: false, SESSION_COOKIE_SECURE: false The result errors is same. My enviroment: debian 9.5.0, repository : debhttps://images.validation.linaro.org/production-repostretch-backportsmain
At 2018-08-06 18:06:12, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Did you restart gunicorn?
sudo service lava-server-gunicorn restart
After restart try again!?
_______
Last resort: CSRF checks are implemented in this (?) code (from my colleague, who also investigated this problem):
/srv/kernelci-frontend/app/dashboard/__init__.py
It is out of desperation... Sometimes desperation can do good things!? :-(
Zoran
On Mon, Aug 6, 2018 at 11:26 AM, ljh_dev ljh_dev@126.com wrote:
I had made this change in /etc/lava-server/settings.conf, but no changes in result.
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this:
CSRF protection
In case of CSRF errors when logging in Lava, read this.
Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to false in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava gunicorn server:
sudo service lava-server-gunicorn restart
_______
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>>
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
Hi,
I also never had success with putting these values in /etc/lava-server/settings.conf. Instead, changing them in /usr/lib/python3/dist-packages/lava_server/settings/common.py works. That is far from optimal, as these changes are overwritten when updating LAVA.
Hope that works for you!
Cheers, Karsten
On Mon, Aug 6, 2018 at 12:21 PM, ljh_dev ljh_dev@126.com wrote:
I certainly excuted sudo service lava-server-gunicorn restart. Even including restart computer. And In setting.conf,config item add quotation or not both tried:
"CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false or CSRF_COOKIE_SECURE: false, SESSION_COOKIE_SECURE: false
The result errors is same. My enviroment: debian 9.5.0, repository : deb https://images.validation. linaro.org/production-repo stretch-backports main
At 2018-08-06 18:06:12, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Did you restart gunicorn?
sudo service lava-server-gunicorn restart
After restart try again!?
Last resort: CSRF checks are implemented in this (?) code (from my colleague, who also investigated this problem):
/srv/kernelci-frontend/app/dashboard/__init__.py
It is out of desperation... Sometimes desperation can do good things!? :-(
Zoran
On Mon, Aug 6, 2018 at 11:26 AM, ljh_dev ljh_dev@126.com wrote:
I had made this change in /etc/lava-server/settings.conf, but no changes in result.
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this: CSRF protection
In case of CSRF errors when logging in Lava, read this https://staging.validation.linaro.org/static/docs/v2/installing_on_debian.html#django-localhost .
Set *CSRF_COOKIE_SECURE* and *SESSION_COOKIE_SECURE* to *false* in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava *gunicorn* server:
sudo service lava-server-gunicorn restart
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend: I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/ static/docs/v2/installing_on_debian.html#using-localhost-or- non-https-instance-url
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams
neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>> http://you.163.com/item/detail?id=1092001&from=web_gg_mail_jiaobiao_7
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
Hi,
Adding:
"CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
to /etc/lava-server/settings.conf *should* fix the issue, since those configuration options are what Django uses for CSRF handling. When I ran into this problem for the first time, I remember I had to go into incognito mode for a successful login attempt. I believe this might be something to do with cookies.
Regards, Andrejs.
________________________________ From: Lava-users lava-users-bounces@lists.linaro.org on behalf of Karsten Tausche karsten@fairphone.com Sent: Monday, August 6, 2018 12:30:11 PM To: Lava Users Mailman list Subject: Re: [Lava-users] lava-server login error
Hi,
I also never had success with putting these values in /etc/lava-server/settings.conf. Instead, changing them in /usr/lib/python3/dist-packages/lava_server/settings/common.py works. That is far from optimal, as these changes are overwritten when updating LAVA.
Hope that works for you!
Cheers, Karsten
On Mon, Aug 6, 2018 at 12:21 PM, ljh_dev <ljh_dev@126.commailto:ljh_dev@126.com> wrote: I certainly excuted sudo service lava-server-gunicorn restart. Even including restart computer. And In setting.conf,config item add quotation or not both tried:
"CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false or CSRF_COOKIE_SECURE: false, SESSION_COOKIE_SECURE: false
The result errors is same. My enviroment: debian 9.5.0, repository : deb https://images.validation.linaro.org/production-repo stretch-backports main
At 2018-08-06 18:06:12, "Zoran S" <zoran.stojsavljevic.de@gmail.commailto:zoran.stojsavljevic.de@gmail.com> wrote: Did you restart gunicorn?
sudo service lava-server-gunicorn restart
After restart try again!?
_______
Last resort: CSRF checks are implemented in this (?) code (from my colleague, who also investigated this problem):
/srv/kernelci-frontend/app/dashboard/__init__.py
It is out of desperation... Sometimes desperation can do good things!? :-(
Zoran
On Mon, Aug 6, 2018 at 11:26 AM, ljh_dev <ljh_dev@126.commailto:ljh_dev@126.com> wrote: I had made this change in /etc/lava-server/settings.conf, but no changes in result.
At 2018-08-06 16:40:00, "Zoran S" <zoran.stojsavljevic.de@gmail.commailto:zoran.stojsavljevic.de@gmail.com> wrote: Please, try this: CSRF protection
In case of CSRF errors when logging in Lava, read thishttps://staging.validation.linaro.org/static/docs/v2/installing_on_debian.html#django-localhost.
Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to false in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava gunicorn server:
sudo service lava-server-gunicorn restart
_______
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev <ljh_dev@126.commailto:ljh_dev@126.com> wrote: Added a little from previous email ,resend: I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" <ljh_dev@126.commailto:ljh_dev@126.com> wrote: I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" <neil.williams@linaro.orgmailto:neil.williams@linaro.org> 写道: On Fri, 3 Aug 2018 at 10:11, ljh_dev <ljh_dev@126.commailto:ljh_dev@126.com> wrote: Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.orgmailto:Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.orgmailto:neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>>http://you.163.com/item/detail?id=1092001&from=web_gg_mail_jiaobiao_7
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.orgmailto:Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.orgmailto:Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
I had done with you said. It return same error.
At 2018-08-06 18:37:20, "Andrejs Cainikovs" Andrejs.Cainikovs@netmodule.com wrote:
Hi,
Adding:
"CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
to /etc/lava-server/settings.conf *should* fix the issue, since those configuration options are what Django uses for CSRF handling. When I ran into this problem for the first time, I remember I had to go into incognito mode for a successful login attempt. I believe this might be something to do with cookies.
Regards, Andrejs.
From: Lava-users lava-users-bounces@lists.linaro.org on behalf of Karsten Tausche karsten@fairphone.com Sent: Monday, August 6, 2018 12:30:11 PM To: Lava Users Mailman list Subject: Re: [Lava-users] lava-server login error
Hi,
I also never had success with putting these values in /etc/lava-server/settings.conf. Instead, changing them in /usr/lib/python3/dist-packages/lava_server/settings/common.py works. That is far from optimal, as these changes are overwritten when updating LAVA.
Hope that works for you!
Cheers, Karsten
On Mon, Aug 6, 2018 at 12:21 PM, ljh_dev ljh_dev@126.com wrote:
I certainly excuted sudo service lava-server-gunicorn restart. Even including restart computer. And In setting.conf,config item add quotation or not both tried: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false or CSRF_COOKIE_SECURE: false, SESSION_COOKIE_SECURE: false The result errors is same. My enviroment: debian 9.5.0, repository : debhttps://images.validation.linaro.org/production-repostretch-backportsmain
At 2018-08-06 18:06:12, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Did you restart gunicorn?
sudo service lava-server-gunicorn restart
After restart try again!?
_______
Last resort: CSRF checks are implemented in this (?) code (from my colleague, who also investigated this problem):
/srv/kernelci-frontend/app/dashboard/__init__.py
It is out of desperation... Sometimes desperation can do good things!? :-(
Zoran
On Mon, Aug 6, 2018 at 11:26 AM, ljh_dev ljh_dev@126.com wrote:
I had made this change in /etc/lava-server/settings.conf, but no changes in result.
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this:
CSRF protection
In case of CSRF errors when logging in Lava, read this.
Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to false in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava gunicorn server:
sudo service lava-server-gunicorn restart
_______
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>>
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
My colleague showed himself. Andrejs.
Last resort: CSRF checks are implemented in this (?) code (from Andrejs cooking school):
/srv/kernelci-frontend/app/dashboard/__init__.py
Maybe worth experimenting. Thank you for the advice, Andrejs.
Zoran _______
On Mon, Aug 6, 2018 at 12:06 PM, Zoran S zoran.stojsavljevic.de@gmail.com wrote:
Did you restart gunicorn?
sudo service lava-server-gunicorn restart
After restart try again!?
Last resort: CSRF checks are implemented in this (?) code (from my colleague, who also investigated this problem):
/srv/kernelci-frontend/app/dashboard/__init__.py
It is out of desperation... Sometimes desperation can do good things!? :-(
Zoran
On Mon, Aug 6, 2018 at 11:26 AM, ljh_dev ljh_dev@126.com wrote:
I had made this change in /etc/lava-server/settings.conf, but no changes in result.
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this: CSRF protection
In case of CSRF errors when logging in Lava, read this https://staging.validation.linaro.org/static/docs/v2/installing_on_debian.html#django-localhost .
Set *CSRF_COOKIE_SECURE* and *SESSION_COOKIE_SECURE* to *false* in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava *gunicorn* server:
sudo service lava-server-gunicorn restart
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend: I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/ static/docs/v2/installing_on_debian.html#using-localhost-or- non-https-instance-url
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams
neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>> http://you.163.com/item/detail?id=1092001&from=web_gg_mail_jiaobiao_7
Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
From: Lava-users lava-users-bounces@lists.linaro.org on behalf of ljh_dev ljh_dev@126.com Date: Monday, 6 August 2018 at 10:31 To: Zoran S zoran.stojsavljevic.de@gmail.com Cc: Lava Users Mailman list lava-users@lists.linaro.org Subject: Re: [Lava-users] lava-server login error
I had made this change in /etc/lava-server/settings.conf, but no changes in result. I would definitively recommend restarting *all* services on master. There are a bunch of them: # STOP services $ service lava-coordinator stop; service lava-logs stop; service lava-master stop; service lava-publisher stop; service lava-server-gunicorn stop; service lava-slave stop # START services $ service lava-coordinator start; service lava-logs start; service lava-master start; service lava-publisher start; service lava-server-gunicorn start; service lava-slave start
Cheers
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this: CSRF protection
In case of CSRF errors when logging in Lava, read thishttps://staging.validation.linaro.org/static/docs/v2/installing_on_debian.html#django-localhost.
Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to false in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava gunicorn server:
sudo service lava-server-gunicorn restart
_______
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev <ljh_dev@126.commailto:ljh_dev@126.com> wrote: Added a little from previous email ,resend: I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method 1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights method 2. sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" <ljh_dev@126.commailto:ljh_dev@126.com> wrote:
I might not say it clearly, let me repeat it again. According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) . Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page: " You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. " I had added following lines in etc/lava-server/settings.conf: "CSRF_COOKIE_SECURE": false, "SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?). I add a new user by using both methods and both return ok: method1. first: sudo lava-server manage users add <username> --passwd <password> then: sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" <neil.williams@linaro.orgmailto:neil.williams@linaro.org> 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev <ljh_dev@126.commailto:ljh_dev@126.com> wrote: Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties. If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.orgmailto:Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.orgmailto:neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>>http://you.163.com/item/detail?id=1092001&from=web_gg_mail_jiaobiao_7
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.orgmailto:Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
I just did restarting *all* operation,still same errors.
在 2018-08-06 18:29:23,"Diego Russo" Diego.Russo@arm.com 写道:
From: Lava-users lava-users-bounces@lists.linaro.org on behalf of ljh_dev ljh_dev@126.com Date: Monday, 6 August 2018 at 10:31 To: Zoran S zoran.stojsavljevic.de@gmail.com Cc: Lava Users Mailman list lava-users@lists.linaro.org Subject: Re: [Lava-users] lava-server login error
I had made this change in /etc/lava-server/settings.conf, but no changes in result.
I would definitively recommend restarting *all* services on master. There are a bunch of them:
# STOP services
$ service lava-coordinator stop; service lava-logs stop; service lava-master stop; service lava-publisher stop; service lava-server-gunicorn stop; service lava-slave stop
# START services
$ service lava-coordinator start; service lava-logs start; service lava-master start; service lava-publisher start; service lava-server-gunicorn start; service lava-slave start
Cheers
At 2018-08-06 16:40:00, "Zoran S" zoran.stojsavljevic.de@gmail.com wrote:
Please, try this:
CSRF protection
In case of CSRF errors when logging in Lava, read this.
Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to false in Lava server settings:
sudo vi /etc/lava-server/settings.conf
Restart Lava gunicorn server:
sudo service lava-server-gunicorn restart
_______
Hope this helps!
Zoran
On Mon, Aug 6, 2018 at 7:55 AM, ljh_dev ljh_dev@126.com wrote:
Added a little from previous email ,resend:
I might not say it clearly, let me repeat it again.
According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page:
"
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests.
"
I had added following lines in etc/lava-server/settings.conf:
"CSRF_COOKIE_SECURE": false,
"SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?).
I add a new user by using both methods and both return ok:
method 1.
first:
sudo lava-server manage users add <username> --passwd <password>
then:
sudo lava-server manage authorize_superuser --username {username}
//the {username } is created by previous line command,command return for example: User u1 granted superuser rights
method 2.
sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL
At 2018-08-06 13:40:01, "ljh_dev" ljh_dev@126.com wrote:
I might not say it clearly, let me repeat it again.
According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(by command: sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL, and username and passwd are both simple ) .
Accessing main page is ok. When enter Sign in page, input just registered username and password to login then the firefox browser displayed err page:
"
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests.
"
I had added following lines in etc/lava-server/settings.conf:
"CSRF_COOKIE_SECURE": false,
"SESSION_COOKIE_SECURE": false
And reboot computer and login again, the err is still so. Trying disable/enable cookies is still so. At another computer I used chrome browser remote access nava-server,it is still the same err.
I just did some login experiments again,all error same as before. I find when intentional input a err username that does not exist,it return same error page(Is the new user not successfully established?).
I add a new user by using both methods and both return ok:
method1.
first:
sudo lava-server manage users add <username> --passwd <password>
then:
sudo lava-server manage authorize_superuser --username {username} //the {username } is created by previous line command,command return for example: User u1 granted superuser rights
在 2018-08-03 17:16:43,"Neil Williams" neil.williams@linaro.org 写道:
On Fri, 3 Aug 2018 at 10:11, ljh_dev ljh_dev@126.com wrote:
Hi, According to lava installation document ,I had installed lava-server to debian 9.5.0.Creating super user operation is ok(sudo lava-server manage createsuperuser --username $USERNAME --email=$EMAIL) . But when using firefox browser to login in by created name , response message: -- SRF verification failed. Request aborted.
This is covered in the documentation: https://validation.linaro.org/static/docs/v2/installing_on_debian.html#using...
If you are setting up an instance to be used by others, you should set up https:// support - if this is just localhost, you need to tell Django to accept http usage.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for 'same-origin' requests. -- After configured browser to disable cookies,the response is still so.
Jiang Lao
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
--
Neil Williams ============= neil.williams@linaro.org http://www.linux.codehelp.co.uk/
【网易自营|30天无忧退货】爱上书写:施华洛世奇制造商星空原色水晶笔,限时仅29元>>
_______________________________________________ Lava-users mailing list Lava-users@lists.linaro.org https://lists.linaro.org/mailman/listinfo/lava-users
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
-
Andrejs Cainikovs -
Diego Russo -
Karsten Tausche -
ljh_dev -
Neil Williams -
Zoran S