Forbidden

Question

Forbidden

nathany opened this issue 10 years ago · comments

When pressing Retry on a failed job, we see a page that says "Forbidden".

This seems to have been introduced in 1.2.6/1.2.7.

Tim Lucas · Answer 1 · Fri Mar 14 2014 12:41:38 GMT+0800 (China Standard Time)

This would be related to #57 which returns forbidden if the submitted CSRF token doesn't match. It could be a more general problem with the session store. Could you inspect the form to see if it does have the CSRF token?

Nathan Youngman · Answer 2 · Sat Mar 15 2014 01:21:35 GMT+0800 (China Standard Time)

No CSRF token here:

<form action="/delayed_job/requeue/all" method="POST">
    <input type="submit" value="Retry Failed Jobs">
</form>

Fyi, we use the activerecord-session_store gem (if that matters).

Rails 4.0.3, Ruby 2.1.1

Tim Lucas · Answer 3 · Sat Mar 15 2014 17:02:55 GMT+0800 (China Standard Time)

@nathany I couldn't replicate this locally.

Could you update your Gemfile with the #62 fixes and let me know if that fixes it?

gem "delayed_job_web", github: "toolmantim/delayed_job_web", branch: "fix-rails-sessions"

Kaz Okui · Answer 4 · Fri Apr 18 2014 10:08:03 GMT+0800 (China Standard Time)

I'm getting this issue again. This time, only on staging / production (on Heroku) but there's no useful log besides 403 error. It somehow works on dev environment so I can't get any information about this, but might be related with updating Rails 4.1...

Nathan Youngman · Answer 5 · Fri Apr 18 2014 10:39:16 GMT+0800 (China Standard Time)

We're locked at 1.2.5.