Problem with new BO Token Protection in Prestashop 8.0.3

[lowergear]

With token protection enabled under "security", any preference setting change in back office parameters area results in getting kicked out of session and 404 error is thrown.  Have to clear browser cache to be able to access the login page again. Problem in both Chrome and Firefox.  However, when I get logged back in, I note that the change I was trying to make when kicked out did take effect.  Changes in products, categories or cms page will save as normal - no kick out.

If I disable token protection, there are no kickout/404 error issues.

Any suggestions on finding the conflict when token protection is enabled?

 

 

 

 

 

[AddWeb Solution]

On 5/15/2023 at 9:53 AM, lowergear said:

With token protection enabled under "security", any preference setting change in back office parameters area results in getting kicked out of session and 404 error is thrown.  Have to clear browser cache to be able to access the login page again. Problem in both Chrome and Firefox.  However, when I get logged back in, I note that the change I was trying to make when kicked out did take effect.  Changes in products, categories or cms page will save as normal - no kick out.

If I disable token protection, there are no kickout/404 error issues.

Any suggestions on finding the conflict when token protection is enabled?

 

 

 

 

 

Hi,

• Look into your server's error logs
• Enable PrestaShop's debug mode and check what's the error.
• When the 404 error occurs, open your browser's developer tools, navigate to the "Console" tab. Any JavaScript errors or additional information might be displayed there.
• Token protection involves generating and validating tokens for each request. There might be an issue with how tokens are being generated or validated. Inspect the relevant code in PrestaShop to see if there's a flaw in this process.

Let me know If you found any error in logs during 404 issue to debug.

Thanks!