Boggimedes

Boggimedes

Member Since 1 Month Ago

Experience Points
170
Total
Experience

4,830 experience to go until the next level!

In case you were wondering, you earn Laracasts experience when you:

  • Complete a lesson — 100pts
  • Create a forum thread — 50pts
  • Reply to a thread — 10pts
  • Leave a reply that is liked — 50pts
  • Receive a "Best Reply" award — 500pts
Lessons Completed
0
Lessons
Completed
Best Reply Awards
0
Best Reply
Awards
  • start your engines Created with Sketch.

    Start Your Engines

    Earned once you have completed your first Laracasts lesson.

  • first-thousand Created with Sketch.

    First Thousand

    Earned once you have earned your first 1000 experience points.

  • 1-year Created with Sketch.

    One Year Member

    Earned when you have been with Laracasts for 1 year.

  • 2-years Created with Sketch.

    Two Year Member

    Earned when you have been with Laracasts for 2 years.

  • 3-years Created with Sketch.

    Three Year Member

    Earned when you have been with Laracasts for 3 years.

  • 4-years Created with Sketch.

    Four Year Member

    Earned when you have been with Laracasts for 4 years.

  • 5-years Created with Sketch.

    Five Year Member

    Earned when you have been with Laracasts for 5 years.

  • school-in-session Created with Sketch.

    School In Session

    Earned when at least one Laracasts series has been fully completed.

  • welcome-newcomer Created with Sketch.

    Welcome To The Community

    Earned after your first post on the Laracasts forum.

  • full-time-student Created with Sketch.

    Full Time Learner

    Earned once 100 Laracasts lessons have been completed.

  • pay-it-forward Created with Sketch.

    Pay It Forward

    Earned once you receive your first "Best Reply" award on the Laracasts forum.

  • subscriber Created with Sketch.

    Subscriber

    Earned if you are a paying Laracasts subscriber.

  • lifer Created with Sketch.

    Lifer

    Earned if you have a lifetime subscription to Laracasts.

  • evangelist Created with Sketch.

    Laracasts Evangelist

    Earned if you share a link to Laracasts on social media. Please email [email protected] with your username and post URL to be awarded this badge.

  • chatty-cathy Created with Sketch.

    Chatty Cathy

    Earned once you have achieved 500 forum replies.

  • lara-veteran Created with Sketch.

    Laracasts Veteran

    Earned once your experience points passes 100,000.

  • 10k-strong Created with Sketch.

    Ten Thousand Strong

    Earned once your experience points hits 10,000.

  • lara-master Created with Sketch.

    Laracasts Master

    Earned once 1000 Laracasts lessons have been completed.

  • laracasts-tutor Created with Sketch.

    Laracasts Tutor

    Earned once your "Best Reply" award count is 100 or more.

  • laracasts-sensei Created with Sketch.

    Laracasts Sensei

    Earned once your experience points passes 1 million.

  • top-50 Created with Sketch.

    Top 50

    Earned once your experience points ranks in the top 50 of all Laracasts users.

Level 1
170 XP
Sep
25
4 weeks ago
Activity icon

Replied to CSRF Started Failing In My Dev Environment

Yep, 100%. Just happened weeks ago. I was confident it was MY issue, not a laravel bug, that's why I posted here. Thank you for all the help and suggestions.

Activity icon

Awarded Best Reply on CSRF Started Failing In My Dev Environment

I'll look up XDebug and see if that is a good option for us. I can't just fire up a new environment because creating a new coding environment 2-3 times a week to deal with a caching issue isn't very practical.

So looking through the browser data difference from my sandbox and my development environment I'm seeing that the session isn't being stored in the cookie for my test environment. So dev tools -> application -> cookies -> staging has "amply_session", but DT->app->cookies->dev has no such value.

Ok, I think I have it. It is an issue with cookies and http/s and secure headers. A few weeks back I added some secure headers for a SalesForce security review. With caching and the fact that I don't test forms every day I didn't run across the issue until now. Not sure why it worked when I first launched the env, but whatever.

The solution was to disable SESSION_SECURE_COOKIE in my development env file.

Activity icon

Replied to CSRF Started Failing In My Dev Environment

I'll look up XDebug and see if that is a good option for us. I can't just fire up a new environment because creating a new coding environment 2-3 times a week to deal with a caching issue isn't very practical.

So looking through the browser data difference from my sandbox and my development environment I'm seeing that the session isn't being stored in the cookie for my test environment. So dev tools -> application -> cookies -> staging has "amply_session", but DT->app->cookies->dev has no such value.

Ok, I think I have it. It is an issue with cookies and http/s and secure headers. A few weeks back I added some secure headers for a SalesForce security review. With caching and the fact that I don't test forms every day I didn't run across the issue until now. Not sure why it worked when I first launched the env, but whatever.

The solution was to disable SESSION_SECURE_COOKIE in my development env file.

Activity icon

Replied to CSRF Started Failing In My Dev Environment

Nothing, which is what makes this so infuriating. End of the day Tuesday with the new environment I had brought up, submitting forms was successful.

Wed/Thursday I was off work

Come back today and fire up my (new) development environment, use artisan to start the server, to go the webpage with a form, submit: 419. Just like before, every time I refresh the form page it generates a new _token value and every form submission is rejected.

The only other difference between Dev and Prod/Staging is they are https as where my dev environment is http. But I cannot imagine how that would be causing this since I've worked with this setup for the past 18 months.

Activity icon

Replied to CSRF Started Failing In My Dev Environment

OK, so the problem resurfaced on my new environment. So... keep the suggestions coming I guess?

Exactly the same as last time. Everything was fine when I logged out Tuesday, Fired up everything today and I'm getting nothing but 419 when I submit forms in Test.

Sep
22
1 month ago
Activity icon

Replied to CSRF Started Failing In My Dev Environment

None of the solutions offered worked. I finally threw in the towel and fired up a new environment. Fresh install seems to have resolved the issue. Friggin ghosts in the machine...

Activity icon

Replied to CSRF Started Failing In My Dev Environment

Hmmm, Session files are being created as ubuntu:ubuntu rather than www-data. Is that normal?

Activity icon

Replied to CSRF Started Failing In My Dev Environment

Firefox, Chrome, MS Edge, and Opera. Same. :/

Activity icon

Replied to CSRF Started Failing In My Dev Environment

So confirmed, I added a value to the session on my "about page", it did not persist to the next page I viewed, but it WAS written in the session file.

Activity icon

Replied to CSRF Started Failing In My Dev Environment

Yeah, I tried clearing caches and removing the vendor folder as well, without success.

So I decided to try updating Laravel because other than that all I can think of is a wipe and recreate which I really do not have time for.

So after the update and re-clearing everything. "file" for session driver is now successfully creating session files (YAY!!). But they still do not persist (Boo!!), so if I hit refresh on my homepage 6 times, I get 6 new session files.

Activity icon

Replied to CSRF Started Failing In My Dev Environment

file has the same problem. The folder has correct permissions

drwxrwxr-x+ 6 www-data www-data 4096 Mar 22 2020 . drwxrwxr-x+ 5 www-data www-data 4096 Mar 22 2020 .. -rwxrwxr-x 1 www-data www-data 103 Mar 22 2020 .gitignore drwxrwxr-x+ 3 www-data www-data 4096 Mar 22 2020 cache drwxrwxr-x+ 2 www-data www-data 4096 Mar 22 2020 sessions drwxrwxr-x+ 3 www-data www-data 4096 Mar 28 16:09 testing drwxrwxr-x+ 2 www-data www-data 4096 Sep 22 15:38 views

But no files are created in the session folder.

Activity icon

Replied to CSRF Started Failing In My Dev Environment

Thank you for your ideas!

@laracoft Composer Update: updated a handful of packages, but still getting 419.

@jlrdw Laravel version 6.18.40 Same server with no code changes. Literally this is: working when I shut down Saturday, Not working when I powered on Sunday. I tried reverting back to master, and it makes no difference.

Tested on a regular page and Sessions are NOT being written. However, redis (my session driver) is working. I can store and pull data without issue. So, what else could be interfering with session storage?

Login and authentication is through JWT and it is working.

I added routes for the new form endpoints, but reverting to master doesn't resolve so it has to be something else. I just cannot think of what it could be.

Sep
21
1 month ago
Activity icon

Replied to CSRF Started Failing In My Dev Environment

All Browsers. :/ I tested after I posted. Had that moment of: "Waaaaaaait a minute....." But no luck.

Activity icon

Started a new Conversation CSRF Started Failing In My Dev Environment

Saturday, everything works fine. Sunday, no changes, but now every form I submit returns a 419 error.

Revert to master branch: Same issue (the same branch that is currently working on production) Tested redis, values are successfully saved and retrieved These are straight HTTP form submissions, no ajax.

Looking at the code the CSRF code is being inserted into my form, but unlike on my production and sandbox servers, every time I refresh the page, it generates a new token. So the session/token isn't persisting?

I've changed the session driver to file to see if that had any effect, and it did not.

so... WTH?? I'm out of ideas.