wrong csrf_token



My syslog is overrun with wrong csrf_token errors generated from the unassigned devices plugin. This starts immediately after reboot with only one web browser page open, so the FAQ does not seem to be relevant:

https://forums.unraid.net/topic/46802-faq-for-unraid-v6/?do=findComment&comment=545988

 

It did not stop after uninstalling the plugin.

It did not stop after reboot after uninstalling the plugin.

There is no UnassignedDevices.php - at least in /boot/config/plugins/unassigned.devices

 

May 17 08:11:06 NAS root: error: /plugins/unassigned.devices/UnassignedDevices.php: wrong csrf_token
 

 

Edited by RadOD
add
Link to post
5 minutes ago, johnnie.black said:

Yes, thank you. You might notice if you read the second sentence that I have seen that.

 

However, as of right now I am only using one browser on one computer after a fresh reboot.  So do you mean I have to go find any and every instance of an open webpage on any computer I might have left open somewhere at any point in the past?  And any phone or tablet that has ControlR? Because this could cover a seriously lot of hardware and a lot of square miles to find!

Link to post
2 minutes ago, RadOD said:

So do you mean I have to go find any and every instance of an open webpage on any computer I might have left open somewhere at any point in the past?  And any phone or tablet that has ControlR?

If it's running, yes.

Link to post

netstat -vatn was able to find the source of the problem.  

 

Seems like there should be a server side solution to prevent this. After a time a client anywhere with a bad CSRF token causes parts of Unraid to stop working - possibly from spamming the syslog. How does this work with multiple users? Do administrators email all their users asking them to close their forgotten browser tabs?

Link to post
8 hours ago, RadOD said:

netstat -vatn was able to find the source of the problem.  

 

Seems like there should be a server side solution to prevent this. After a time a client anywhere with a bad CSRF token causes parts of Unraid to stop working - possibly from spamming the syslog. How does this work with multiple users? Do administrators email all their users asking them to close their forgotten browser tabs?

Only the root user (i.e. Administrators) can successfully log into the Unraid Web GUI in the first place.

Link to post
  • 5 months later...

I tried what you said. I got this:

 

Ignoring all the 0.0.0.0:

 

tcp        0      0 192.168.1.226:80        192.168.1.25:22943      ESTABLISHED
tcp        0      0 192.168.1.224:80        192.168.1.25:21784      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.25:22443      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.25:20441      TIME_WAIT  
tcp        0      0 192.168.1.226:80        192.168.1.25:22952      ESTABLISHED
tcp        0    824 192.168.1.226:80        192.168.1.25:22442      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.25:22842      ESTABLISHED
tcp        0      0 192.168.1.226:445       192.168.1.25:22246      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.25:22440      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.25:22942      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.25:22441      ESTABLISHED

 

*.226 is the server, as well as *.224 and some others. It has 6 NICs in total, at least 4 in use: one for BMC and one 10Gb direct connection (both included in that 4, so 2 on the general LAN, 1 direct 10Gb to my usual PC, and 1 BMC on the LAN, a server controller that goes to BIOS and not the OS).

 

*.25 is my desktop.

 

So the question I have is: now what? What do I do with this information?

 

Do I need to aggressively shut down all the other LAN connections?

 

*****

I should add: removing the plugin made things dramatically worse. Way more errors.

That error, which totally inundated the log and ensured I could do nothing else until this was fixed, was:

Nov 1 16:06:14 Unraid nginx: 2020/11/01 16:06:14 [error] 9257#9257: *36088 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.1.25, server: , request: "POST /plugins/unassigned.devices/UnassignedDevices.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "unraid.local", referrer: "http://unraid.local/Main"

For completeness, the error with it installed is:

Nov 1 16:14:46 Unraid root: error: /plugins/unassigned.devices/UnassignedDevices.php: wrong csrf_token

This is irritating. And while not unfamiliar with Linux, I am no pro, so I am out of my depth here.

Edited by AndyT86
additional information
Link to post

Both of the errors are telling you that you have another browser tab (or device) actively sitting on the GUI for Unraid. CSRF tokens are an important security feature, and are assigned randomly at each reboot of the server.

Link to post
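
The netstat output and nginx error line posted above both name the client that still has a GUI page open. The following sketch, an added example that is not part of the thread, tallies the addresses; the port 80 default is an assumption taken from the posted output, and the 192.168.1.77 entry in the sample is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Sample lines follow the format of the
# output posted above; the 192.168.1.77 entry is constructed.

sample_netstat() {
cat <<'EOF'
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.226:80        192.168.1.25:22943      ESTABLISHED
tcp        0      0 192.168.1.224:80        192.168.1.25:21784      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.25:20441      TIME_WAIT
tcp        0      0 192.168.1.226:445       192.168.1.25:22246      ESTABLISHED
tcp        0      0 192.168.1.226:80        192.168.1.77:51514      ESTABLISHED
EOF
}

sample_syslog() {
cat <<'EOF'
Nov 1 16:06:14 Unraid nginx: 2020/11/01 16:06:14 [error] 9257#9257: *36088 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.1.25, server: , request: "POST /plugins/unassigned.devices/UnassignedDevices.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "unraid.local", referrer: "http://unraid.local/Main"
Nov 1 16:14:46 Unraid root: error: /plugins/unassigned.devices/UnassignedDevices.php: wrong csrf_token
EOF
}

# Count ESTABLISHED connections to the web GUI port per remote address.
# stdin: `netstat -vatn` output; $1: GUI port (assumed 80, as in the post).
gui_clients() {
    awk -v port="${1:-80}" '
        $1 ~ /^tcp/ && $6 == "ESTABLISHED" && $4 ~ (":" port "$") {
            peer = $5; sub(/:[0-9]+$/, "", peer); n[peer]++
        }
        END { for (ip in n) print n[ip], ip }' | sort -rn
}

# Count requests for a path per client address in nginx error lines.
# The plain "wrong csrf_token" line carries no client field, so it is skipped.
nginx_clients() {
    awk -v path="$1" '
        index($0, path) && match($0, /client: [^,]+/) {
            n[substr($0, RSTART + 8, RLENGTH - 8)]++
        }
        END { for (ip in n) print n[ip], ip }' | sort -rn
}

sample_netstat | gui_clients 80
sample_syslog | nginx_clients /plugins/unassigned.devices/UnassignedDevices.php
```

On a live server, pipe `netstat -vatn` and the syslog file into the two functions instead of the samples; the address with the highest count is the machine whose browser tabs need closing or reloading.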
