SilverStripe: There seems to have been a technical problem
From FVue
Contents
Problem
Within a SilverStripe project, after a successful submit, clicking the back button and submitting the form again, results in this error message (CSRF_FAILED_MESSAGE):
There seems to have been a technical problem. Please click the back button, refresh your browser, and try again.
Environment
- SilverStripe-3.0.5
Cause
After a successful submit, the form does a Session::clear_all()
, which clears the $_SESSION['SecurityID'] variable.
Solution 1. Clear session partially
Instead of a clear_all()
, do this:
Session::clear("FormInfo");
Solution 2. Force form-reload after redirect-back
The webbrowser can be forced to load a fresh form, with a new SecurityID, upon going back. This requires sending the Cache-Control: no-store
http-header. This can be done by extending the Page_Controller like this:
public function handleRequest(SS_HTTPRequest $request, DataModel $model) { $body = parent::handleRequest($request, $model); $body->addHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate, no-transform"); return $body; }