We use cookies to improve your experience. No personal information is gathered and we don't serve ads. Cookies Policy.

ExpressionEngine
Log In Sign Up

Secure Cookies - Form Failures

How Do I?

xcl's avatar
xcl
104 posts
4 years ago
xcl's avatar xcl

Would there be a reason that a form fails with ” This form has expired. Please refresh and try again.” when cookie_secure is set to y?

Removing the override in the config so that it is not secure submits without issue.

       
Andy McCormick's avatar
Andy McCormick
183 posts
4 years ago
Andy McCormick's avatar Andy McCormick

Is this a new issue, as in did you update the cookie settings and then try to send the form? If so, I’d try clearing all your cache and cookies and trying everything again.

       
xcl's avatar
xcl
104 posts
4 years ago
xcl's avatar xcl

I tested that and the same problem.

New browser session with zero cookies. It picks up the new cookies with Secure = yes.

Any submission of any form gives that error.

Only when cookie_secure is set back to n does it work.

       
Andy McCormick's avatar
Andy McCormick
183 posts
4 years ago
Andy McCormick's avatar Andy McCormick

Is this any form on the front-end, but you can log in to the Control Panel and update entries, or is this any form anywhere? I don’t remember seeing this behavior anywhere, but trying to get all information for others who might have seen it.

       
xcl's avatar
xcl
104 posts
4 years ago
xcl's avatar xcl

Only submission/contact forms on the websites.

Anything within the GUI/admin works just fine.

       
Andy McCormick's avatar
Andy McCormick
183 posts
about 4 years ago
Andy McCormick's avatar Andy McCormick

@xcl, any luck with this? Sorry I haven’t been able to follow up in the last few days.

       
xcl's avatar
xcl
104 posts
about 4 years ago
xcl's avatar xcl

None i’m afraid.

Tried on new site with default config and see the same behaviour.

       
Andy McCormick's avatar
Andy McCormick
183 posts
about 4 years ago
Andy McCormick's avatar Andy McCormick

to be clear, you’re accessing the site using https and all of your assets, links, everything all link to https versions of your site, correct?

       
xcl's avatar
xcl
104 posts
about 4 years ago
xcl's avatar xcl

Yes, we don’t use http:// at all.

The form is submissing to a secure page but no matter what, any submission when secure cookies are on, generate the standard EE page saying “This form has expired. Please refresh and try again”.

Is there any other way to debug this?

       
Sungod's avatar
Sungod
4 posts
about 4 years ago
Sungod's avatar Sungod

Are you using Cloudflare? Are you using Tag caching?

       
Sungod's avatar
Sungod
4 posts
about 4 years ago
Sungod's avatar Sungod

I meant Template caching, edit of forum not working for me.

       
Sobral's avatar
Sobral
86 posts
about 4 years ago
Sobral's avatar Sobral

Dumb question! Are the timezone settings right?

       
xcl's avatar
xcl
104 posts
about 4 years ago
xcl's avatar xcl

@sungod - CF, no. Template caching, yes. I’ll try changing that.

@robson - I believe so, posting tests and updating pages gives the current localised time and that is to the second.

       
Andy McCormick's avatar
Andy McCormick
183 posts
about 4 years ago
Andy McCormick's avatar Andy McCormick

Is this a public-facing page that I can review? I’ve also shared this post over on the EECMS Slack in case others in the community have experienced this before.

       
xcl's avatar
xcl
104 posts
about 4 years ago
xcl's avatar xcl

Not public at this time.

I’ve done a new install of EE on a different server (internal) and see the same very issue.

Is there anyway to debug this at all as even enabling that in the config and GUI gives no useful data.

       

Reply

Sign In To Reply

ExpressionEngine Home Features Pro Contact Version Support
Learn Docs University Forums
Resources Support Add-Ons Partners Blog
Privacy Terms Trademark Use License

Packet Tide owns and develops ExpressionEngine. © Packet Tide, All Rights Reserved.