422 The change you requested was rejected. Make sure you have access to the thing you tried to change. Please contact your GitLab administrator if you think this is a mistake

Good day. One of the members started receiving this message.

422
The change you requested was rejected.
Make sure you have access to the thing you tried to change.

Please contact your GitLab administrator if you think this is a mistake.

From what I read in the forum, I tried everything, but nothing helps. Initially, Firefox works, but Chrome does not.

I’ll share the nginx config.

```nginx
server {
    listen 80;
    listen 443 ssl;
    listen [::]:80;
    listen [::]:443 ssl;
    server_tokens off;

    access_log off;

    ssl_certificate /etc/gitlab/ssl/gitlab.mydomain.com.crt;
    ssl_certificate_key /etc/gitlab/ssl/gitlab.mydomain.com.key;
    ssl_trusted_certificate /etc/gitlab/ssl/fullchain.pem;

    return 301 https://gitlab.mydomain.com$request_uri;

    rewrite ^(.*) https://gitlab.mydomain.com$request_uri? redirect;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_tokens off;
    server_name gitlab.mydomain.com;

    access_log /var/log/nginx/ssl-access.log main;
    error_log /var/log/nginx/ssl-error.log;

    ssl_certificate /etc/gitlab/ssl/gitlab.mydomain.com.crt;
    ssl_certificate_key /etc/gitlab/ssl/gitlab.mydomain.com.key;
    ssl_trusted_certificate /etc/gitlab/ssl/fullchain.pem;

    client_max_body_size 0;

    location / {
        add_header 'Access-Control-Allow-Origin' '*';

        gzip off;

        proxy_read_timeout 300;
        proxy_connect_timeout 300;
        proxy_redirect off;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;
        proxy_set_header X-Frame-Options SAMEORIGIN;
        proxy_pass http://127.0.0.1:8081;
    }
}
```

And the log:

```
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "user"=>{"login"=>"user_email", "password"=>"[FILTERED]", "remember_me"=>$
Can't verify CSRF token authenticity.
Completed 422 Unprocessable Entity in 2ms (ActiveRecord: 0.0ms | Elasticsearch: 0.0ms | Allocations: 362)

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
```

Firefox:
```shell
curl 'https://gitlab.mydomain.com/users/sign_in' -H 'User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Referer: https://gitlab.mydomain.com/users/sign_in' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Origin: https://gitlab.mydomain.com' -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Cookie: sidebar_collapsed=false; event_filter=all; _gitlab_session=29b489346b55adbf21436f281a7e5a50; diff_view=inline; collapsed_gutter=true' -H 'Upgrade-Insecure-Requests: 1' --data-raw 'utf8=%E2%9C%93&authenticity_token=user_tokenlogin%5D=username%40kobil.com&user%5Bpassword%5D=<>&user%5Bremember_me%5D=0'
```

Chrome:
```shell
curl 'https://gitlab.mydomain.com/users/sign_in' -H 'Pragma: no-cache' -H 'Origin: https://gitlab.mydomain.com' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.9,ru;q=0.8' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8' -H 'Cache-Control: no-cache' -H 'Referer: https://gitlab.mydomain.com/users/sign_in' -H 'Connection: keep-alive' -H 'DNT: 1' --data 'utf8=%E2%9C%93&authenticity_token=user_tokenlogin%5D=username%40kobil.com&user%5Bpassword%5D=<>&user%5Bremember_me%5D=0&user%5Bremember_me%5D=1' --compressed
```
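
Added example, not part of the original post: Rails verifies `authenticity_token` against the token stored in the session, so a sign-in POST that arrives without the `_gitlab_session` cookie is rejected with 422. This Python check reads a browser "Copy as cURL" capture and reports which of the two is missing; the sample commands are constructed, shortened stand-ins for the captures above with placeholder values, and the function names are hypothetical.

```python
import shlex
from urllib.parse import parse_qs

# Constructed, shortened stand-ins for the two captures; values are placeholders.
FIREFOX = ("curl 'https://gitlab.mydomain.com/users/sign_in' "
           "-H 'Origin: https://gitlab.mydomain.com' "
           "-H 'Cookie: sidebar_collapsed=false; _gitlab_session=SESSION_PLACEHOLDER' "
           "--data-raw 'utf8=%E2%9C%93&authenticity_token=TOKEN_PLACEHOLDER"
           "&user%5Blogin%5D=user'")
CHROME = ("curl 'https://gitlab.mydomain.com/users/sign_in' "
          "-H 'Origin: https://gitlab.mydomain.com' "
          "--data 'utf8=%E2%9C%93&authenticity_token=TOKEN_PLACEHOLDER"
          "&user%5Blogin%5D=user' --compressed")
DATA_FLAGS = ("-d", "--data", "--data-raw", "--data-binary")

def parse_curl(command):
    """Return (cookies, form) from a browser "Copy as cURL" command."""
    args = shlex.split(command)
    cookie_header, body = "", ""
    for flag, value in zip(args, args[1:]):
        if flag in ("-H", "--header"):
            name, _, text = value.partition(":")
            if name.strip().lower() == "cookie":
                cookie_header = text.strip()
        elif flag in ("-b", "--cookie"):  # curl's own cookie flag
            cookie_header = value
        elif flag in DATA_FLAGS:
            body = value
    cookies = {}
    for pair in cookie_header.split(";"):
        key, sep, val = pair.strip().partition("=")
        if sep:
            cookies[key] = val
    form = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}
    return cookies, form

def csrf_findings(command, session_cookie="_gitlab_session"):
    """List reasons the server could not verify this POST's CSRF token."""
    cookies, form = parse_curl(command)
    findings = []
    if not form.get("authenticity_token"):
        findings.append("form body has no authenticity_token")
    if not cookies.get(session_cookie):
        findings.append(f"no {session_cookie} cookie sent with the request")
    return findings

if __name__ == "__main__":
    for name, cmd in (("Firefox", FIREFOX), ("Chrome", CHROME)):
        print(name, csrf_findings(cmd) or "token and session cookie both present")
```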