SilverStripe: There seems to have been a technical problem

From FVue
Jump to: navigation, search

Problem

Within a SilverStripe project, after a successful submit, clicking the back button and submitting the form again, results in this error message (CSRF_FAILED_MESSAGE): 

There seems to have been a technical problem. 
Please click the back button, refresh your browser, and try again.

Environment

  • SilverStripe-3.0.5

Cause

After a successful submit, the form does a Session::clear_all(), which clears the $_SESSION['SecurityID'] variable.

Solution 1. Clear session partially

Instead of a clear_all(), do this: 

Session::clear("FormInfo");

Solution 2. Force form-reload after redirect-back

The webbrowser can be forced to load a fresh form, with a new SecurityID, upon going back. This requires sending the Cache-Control: no-store http-header. This can be done by extending the Page_Controller like this: 

public function handleRequest(SS_HTTPRequest $request, DataModel $model) {
    $body = parent::handleRequest($request, $model);
    $body->addHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate, no-transform");
    return $body;
}
Retrieved from "https://fvue.nl/w/index.php?title=SilverStripe:_There_seems_to_have_been_a_technical_problem&oldid=10792"