Ok,
it seems it is Chrome related.. :|
I tried with Firefox and Safari and they hit the server only once.
Could someone please confirm he has the same problem with Chrome (build
18.0.8025.142) ??
Le lundi 2 avril 2012 15:31:23 UTC+2, Joseph.Piron a écrit :
>
> Hi all,
>
> I got another problem (today's not my day it seems.. :'( )
>
> I am trying to login through ldap but can't and nailed down another
> problem:
> On a simple login form url "default/user/login?_next=/app/default/index" I
> get the classic login html form but can't succeed to log in.
> Indeed, I traced a bit the code and the problem seems to be in html.py:
>
> in class FORM, accept function, there is:
> if self.session:
> formkey = self.session.get('_formkey[%s]' % self.formname,
> None)
> # check if user tampering with form and void CSRF
> if formkey != self.request_vars._formkey:
> status = False
>
> and formkey is always different from self.request_vars._formkey.
> I also get three times in this function for each click on the login
> button, and the formkey changes and it seems that the value of the second
> or third passage is kept and compared with the one defined in the first
> call and written in the form.
> So of course, I can't login.
>
> It this a well known bug waiting for a patch?
>
> Thanks in advance !!
>
