You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by "RamiAly (via GitHub)" <gi...@apache.org> on 2023/01/27 22:40:33 UTC
[GitHub] [superset] RamiAly opened a new issue, #22873: Superset CSRF Token missing error
RamiAly opened a new issue, #22873:
URL: https://github.com/apache/superset/issues/22873
I get an error when accessing dashboards and only dashboards and not chart like the image beneath,
after tracing error in the superset container i got that error .
I am running superset via k8s helm chart
Refresh CSRF token error │
│ Traceback (most recent call last): │
│ File "/usr/local/lib/python3.8/site-packages/flask_wtf/csrf.py", line 261, in protect │
│ validate_csrf(self._get_csrf_token()) │
│ File "/usr/local/lib/python3.8/site-packages/flask_wtf/csrf.py", line 100, in validate_csrf │
│ raise ValidationError("The CSRF token is missing.") │
│ wtforms.validators.ValidationError: The CSRF token is missing. │
│ │
│ During handling of the above exception, another exception occurred: │
│ │
│ Traceback (most recent call last): │
│ File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1515, in full_dispatch_request │
│ rv = self.preprocess_request() │
│ File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1857, in preprocess_request │
│ rv = self.ensure_sync(before_func)() │
│ File "/usr/local/lib/python3.8/site-packages/flask_wtf/csrf.py", line 229, in csrf_protect │
│ self.protect() │
│ File "/usr/local/lib/python3.8/site-packages/flask_wtf/csrf.py", line 264, in protect │
│ self._error_response(e.args[0]) │
│ File "/usr/local/lib/python3.8/site-packages/flask_wtf/csrf.py", line 307, in _error_response │
│ raise CSRFError(reason) │
│ flask_wtf.csrf.CSRFError: 400 Bad Request: The CSRF token is missing.
![open](https://user-images.githubusercontent.com/61504982/214950260-cf5bdc86-e47e-402b-a130-9acd1f8b5d3e.png)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
Re: [I] Superset CSRF Token missing error [superset]
Posted by "avitaltwingo (via GitHub)" <gi...@apache.org>.
avitaltwingo commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1895883972
> AFTER 3 HOUR!!!! Just[ this Russian site](https://superset-bi.ru/superset-3-talisman-security-considerations-csp-requirements/#%D0%B4%D0%BB%D1%8F_http_%D0%BF%D1%80%D0%B8_%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B5_TALISMAN_ENABLED_False) helped me! you should do to superset/config.py and search for TALISMAN_ENABLED and set it to false
>
> TALISMAN_ENABLED = False (my full address of superset/config.py is like so: /root/venv/lib/python3.10/site-packages/superset/config.py
>
> if you cant find it run this command: find . -name config.py )
Thank you!! Saved me precious time.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
Re: [I] Superset CSRF Token missing error [superset]
Posted by "amirhosseinkabiri (via GitHub)" <gi...@apache.org>.
amirhosseinkabiri commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1868962367
AFTER 3 HOUR!!!! Just[ this Russian site](https://superset-bi.ru/superset-3-talisman-security-considerations-csp-requirements/#%D0%B4%D0%BB%D1%8F_http_%D0%BF%D1%80%D0%B8_%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B5_TALISMAN_ENABLED_False) helped me!
you should do to superset/config.py and search for TALISMAN_ENABLED and set it to false
TALISMAN_ENABLED = False
(my full address of superset/config.py is like so:
/root/venv/lib/python3.10/site-packages/superset/config.py
if you cant find it run this command:
find . -name config.py
)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
Re: [I] Superset CSRF Token missing error [superset]
Posted by "Nikoslav (via GitHub)" <gi...@apache.org>.
Nikoslav commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1772220177
In config set:
TALISMAN_ENABLED = utils.cast_to_boolean(os.environ.get("TALISMAN_ENABLED", False))
This helped me.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] BoogalooLi commented on issue #22873: Superset CSRF Token missing error
Posted by "BoogalooLi (via GitHub)" <gi...@apache.org>.
BoogalooLi commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1606911629
While login with the newest version (Version: 0.0.0-dev), I come up with the same error. There is a useful help on stackoverflow(https://stackoverflow.com/questions/76537655/after-log-in-to-superset-redirect-fialed). But it doesn't work to me.
`123.1.253.113 - - [26/Jun/2023:07:35:03 +0000] "GET /login/?next=http://58.177.151.102:8088/superset/welcome/ HTTP/1.1" 200 51415 "[http://58.177.151.102:8088/superset/welcome/"](http://58.177.151.102:8088/superset/welcome/%22) "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.58"
2023-06-26 07:35:22,166:INFO:flask_wtf.csrf:The CSRF session token is missing.
Refresh CSRF token error
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 261, in protect
validate_csrf(self._get_csrf_token())
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 103, in validate_csrf
raise ValidationError("The CSRF session token is missing.")
wtforms.validators.ValidationError: The CSRF session token is missing.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1821, in full_dispatch_request
rv = self.preprocess_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2313, in preprocess_request
rv = self.ensure_sync(before_func)()
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 229, in csrf_protect
self.protect()
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 264, in protect
self._error_response(e.args[0])
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 307, in _error_response
raise CSRFError(reason)
flask_wtf.csrf.CSRFError: 400 Bad Request: The CSRF session token is missing.
2023-06-26 07:35:22,166:WARNING:superset.views.base:Refresh CSRF token error
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 261, in protect
validate_csrf(self._get_csrf_token())
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 103, in validate_csrf
raise ValidationError("The CSRF session token is missing.")
wtforms.validators.ValidationError: The CSRF session token is missing.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1821, in full_dispatch_request
rv = self.preprocess_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2313, in preprocess_request
rv = self.ensure_sync(before_func)()
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 229, in csrf_protect
self.protect()
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 264, in protect
self._error_response(e.args[0])
File "/usr/local/lib/python3.9/site-packages/flask_wtf/csrf.py", line 307, in _error_response
raise CSRFError(reason)
flask_wtf.csrf.CSRFError: 400 Bad Request: The CSRF session token is missing.`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
Re: [I] Superset CSRF Token missing error [superset]
Posted by "janhavitripurwar (via GitHub)" <gi...@apache.org>.
janhavitripurwar commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1772213741
Is this issue solved ? I am facing the same error while logging to Superset.
I am following this : https://superset.apache.org/docs/installation/installing-superset-from-scratch/
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] ShaliniIruvuru commented on issue #22873: Superset CSRF Token missing error
Posted by "ShaliniIruvuru (via GitHub)" <gi...@apache.org>.
ShaliniIruvuru commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1517704631
Didn’t get any error while accessing dashboards.
Screenshots:-
![image](https://user-images.githubusercontent.com/115684419/233628376-2bbbe79e-a4ac-4266-8694-b69e7ccf8cc4.png)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
Re: [I] Superset CSRF Token missing error [superset]
Posted by "Nikoslav (via GitHub)" <gi...@apache.org>.
Nikoslav commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1746694128
Did you manage to solve this? I have the same issue on 3.0.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] RamiAly closed issue #22873: Superset CSRF Token missing error
Posted by "RamiAly (via GitHub)" <gi...@apache.org>.
RamiAly closed issue #22873: Superset CSRF Token missing error
URL: https://github.com/apache/superset/issues/22873
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
Re: [I] Superset CSRF Token missing error [superset]
Posted by "dotmitsu (via GitHub)" <gi...@apache.org>.
dotmitsu commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1820693162
Same error and login doesn't work
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
Re: [I] Superset CSRF Token missing error [superset]
Posted by "Davidkramer1999 (via GitHub)" <gi...@apache.org>.
Davidkramer1999 commented on issue #22873:
URL: https://github.com/apache/superset/issues/22873#issuecomment-1990965243
I'm expeircing quite simmilar issue so getting "400 Bad Request: The CSRF token is missing." When trying to import Dasboard trought API so /api/v1/dashboard/import. I have disabled ``` TALISMAN_ENABLED = False```. Intristing part is that troguht UI everything wokrs as it should...
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org