Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Jeroen Breuer 4908 posts 12265 karma points MVP 4x admin c-trib
    Jan 21, 2015 @ 09:59
    Jeroen Breuer
    1

    417 Missing token in the backoffice

    Hello,

    I get the following errors in the backoffice.

    Failed to load resource: the server responded with a status of 417 (Missing token null) http://www.abc.com/umbraco/Api/UpdateCheck/GetCheck

    Failed to load resource: the server responded with a status of 417 (Missing token null) http://www.abc.com/umbraco/UmbracoApi/Section/GetSections

    Failed to load resource: the server responded with a status of 417 (Missing token null) http://www.abc.com/umbraco/UmbracoApi/Dashboard/GetDashboard?section=content

    Failed to load resource: the server responded with a status of 417 (Missing token null) http://www.abc.com/umbraco/UmbracoApi/Authentication/GetRemainingTimeoutSeconds

    I've already seen this topic, but it's not server related: http://our.umbraco.org/forum/umbraco-7/using-umbraco-7/47340-Umbraco-7-plus-ISA-Server-2006.

    This happens when I do the following:

    1. I set a session called ArchetypeTempNodeId in the ContentService.Created += Content_New event.

    2. Because the ContentService.Created is called with the WebAPI I need to enable sessions for that: http://stackoverflow.com/a/15038669/159153

    3. I get the session data in the code where I intercept the WebAPI call. https://github.com/jbreuer/Hybrid-Framework-for-Umbraco-v7-Clean/blob/master/Umbraco.Extensions/Utilities/WebApiHandler.cs#L29

    So somehow when I set a session in the WebAPI I get this error. If I remove the session code I don't get this exception.

    Jeroen

  • Jeroen Breuer 4908 posts 12265 karma points MVP 4x admin c-trib
    Jan 26, 2015 @ 17:23
    Jeroen Breuer
    0

    Anyone had this before?

    Jeroen

  • Robin Crama 5 posts 56 karma points
    Feb 26, 2015 @ 11:26
    Robin Crama
    0

    Hi Jeroen,

    I have the same issue, for me it occurs when i login to the site, so probably something is happening with the authentication.

    Anyone has an solution to this problem?

    Gr. Robin.

  • Jeroen Breuer 4908 posts 12265 karma points MVP 4x admin c-trib
    Feb 26, 2015 @ 12:03
    Jeroen Breuer
    0

    The moment a cookie is set it goes wrong. In your case when a member does a login.

    Jeroen

  • Robin Crama 5 posts 56 karma points
    Feb 26, 2015 @ 13:13
    Robin Crama
    0

    Any luck fixing it yet?

  • Jeroen Breuer 4908 posts 12265 karma points MVP 4x admin c-trib
    Feb 26, 2015 @ 13:16
    Jeroen Breuer
    0

    Nope sorry I just made sure no cookie was set.

    Jeroen

  • Flavio Spezi 128 posts 314 karma points
    Apr 15, 2015 @ 17:55
    Flavio Spezi
    0

    I am the same issue.

    I think that the issue fires when I take 2 pages opened in same browser. One in frontend and one in backoffice.
    The issue fires 75% of times that I try to save a content or go to another content.

    How can I solve it?

  • andrew shearer 506 posts 652 karma points
    Jun 30, 2015 @ 05:35
    andrew shearer
    0

    hi Jeroen - did you ever find out what was causing this and if there is a known fix? We're seeing this sporadically on a 7.2.5 site. thanks

  • Flavio Spezi 128 posts 314 karma points
    Jun 30, 2015 @ 08:20
  • Flavio Spezi 128 posts 314 karma points
    Sep 04, 2015 @ 17:36
    Flavio Spezi
    1

    I found the solution in my code.

    The issue was fired when javascript call a API Controller. This API had SetAngularAntiForgeryTokens attribute that reset XSRF cookie.
    Look here: http://issues.umbraco.org/issue/U4-4149

    I removed the attribute from method, then backoffice works properly.

  • Matthew Kirschner 323 posts 611 karma points
    Oct 06, 2015 @ 17:32
    Matthew Kirschner
    1

    I'm having a similar issue. I've only been able to fix it by resetting the site on the server. Also only happens on FireFox. Chrome eventually loads the links and dashboard, but it is notably slower than normal.

    I posted another topic here: https://our.umbraco.org/forum/umbraco-7/using-umbraco-7/71950-bug-empty-dashboard-firefox

    This is a serious problem for my users.

  • Jamie Hall 7 posts 77 karma points
    Sep 20, 2016 @ 15:17
    Jamie Hall
    0

    I had the same issue. I cleared my cookies and now it works fine.

  • Rasmus Eeg 91 posts 457 karma points c-trib
    May 24, 2017 @ 07:30
    Rasmus Eeg
    0

    I had to clear my browser (chrome) cache using the tools availble to do so.

  • André Lange 108 posts 410 karma points
    May 31, 2017 @ 12:47
    André Lange
    0

    i am having the same issue on several solutions... a proper fix to this would be greatly appreciated...

  • Pradip 24 posts 116 karma points
    Jun 08, 2017 @ 10:53
    Pradip
    0

    Hello All,

    I am facing the same issue with Umbraco version 7.1.4 assembly: 1.0.5261.28127

    Not able to find the below files in umbraco folder :

    umbraco/backoffice/UmbracoApi/UpdateCheck/GetCheck Failed to load resource: the server responded with a status of 417 (Missing token)

    umbraco/backoffice/UmbracoApi/Section/GetSections Failed to load resource: the server responded with a status of 417 (Missing token)

    umbraco/backoffice/UmbracoApi/Dashboard/GetDashboard?section=content Failed to load resource: the server responded with a status of 417 (Missing token)

    umbraco/backoffice/UmbracoApi/Authentication/GetRemainingTimeoutSeconds Failed to load resource: the server responded with a status of 417 (Missing token)

    Also I don't have backoffice folder in the installed umbraco site folder.

    Help me its urgent.

    Thanks in advance. Pradip

  • Rasmus Eeg 91 posts 457 karma points c-trib
    Jun 08, 2017 @ 15:43
    Rasmus Eeg
    0

    Have you tried clearing the browser cache? Try another browser

  • Pradip 24 posts 116 karma points
    Jun 09, 2017 @ 05:59
    Pradip
    0

    Yes, It's not working.

  • David 28 posts 156 karma points
    Jun 12, 2017 @ 07:30
    David
    0

    Hello,

    I've got the same issue. After pressing F5 to refresh the page, the Back-End works. But this solution can't be the fix for this. Does anyone found a better solution?

  • Daniel Reagan 19 posts 71 karma points
    Jun 13, 2017 @ 13:08
    Daniel Reagan
    0

    Umbraco 7.2.8 -- Server 2012 sp1

    removing KB4014604 fixed the issue for us

  • David 28 posts 156 karma points
    Jun 13, 2017 @ 13:30
    David
    0

    Hi Daniel,

    thank you for your answer. KB4014604 isn't even installed on my computer. :(

  • Daniel Reagan 19 posts 71 karma points
    Jun 13, 2017 @ 13:35
    Daniel Reagan
    0

    Some of the other comments (related threads) have mentioned the 4.7 framework (which we didn't have on our server) which I am sure includes some of the same fixes for .net that were in that KB4014604.

    So if you have framework 4.7 installed on your computer that may be it.

    I have also read that upgrading past 7.3 fixes it (we're on 7.2.8) I will give that a shot later in the day to see if it works and report back.

  • David 28 posts 156 karma points
    Jun 14, 2017 @ 14:26
    David
    0

    Hi guys,

    I fixed it finally! I have severall Umbraco Projects with diffrent versions. 7.2.4 - Login Bug 7.2.1 - Login Bug 7.2.1 - Login Bug 7.3.0 - No Bug 7.4.3 - No Bug

    So i decided to Upgrade the 7.2.x Projects to 7.3.0 and the bug was fixed.

    I hope i could help some of you with this result.

    I did this in visual studio 2015 via Nuget packet Manager with the following command.

    Update-Package UmbracoCms -Version 7.3.0

    Your Welcome

    David

  • Garðar Þorsteinsson 113 posts 534 karma points
    Jun 15, 2017 @ 15:34
    Garðar Þorsteinsson
    0

    Hi,

    For me the problem was that some pickers that were updated to the new ones still stored the ID in the index, did not matter if we rebuild it or restarted the site. The problem is that Umbraco shows nothing selected in the pickers though they have data stores behind it, to fix it you need to selected some node with the picker, remove it and save again.

    This will completely remove it from the database.

    Hope this helps someone.

    Gardar

  • Peter Kindberg 17 posts 107 karma points
    Apr 06, 2019 @ 15:20
    Peter Kindberg
    0

    Hi everyone,

    I have had the same issue on a 7.12.4 site.

    Sometime it has been fixed by removing all items in the obj folder, clear the APP_DATA cache, clearning cookies, rebooting the webserver bla bla bla.

    Last time I got this issue (today), none of the above worked.

    In order to make it work this time, I had to do the following steps:

    1. Change umbracoUseSSL = true in web.config.
    2. Change the visual studio to use SSL

    Though I agree, this is a horrible bug that really drains hours of the productivity of this otherwise great product.

    Best regards

    Peter - KindbergCo

  • Peter Kindberg 17 posts 107 karma points
    Apr 06, 2019 @ 15:22
    Peter Kindberg
    0

    To be clear, the above is related to development in Visual Studio.. not live on a production site - thankfully for me.

  • Rasmus Eeg 91 posts 457 karma points c-trib
    Apr 07, 2019 @ 14:16
    Rasmus Eeg
    1

    Everytime this happens, I completely delete umbraco, restart visual studio, and then install umbraco again.

    Deleting umbraco includes deleting umbraco, and umbraco_client, obj and bin folders. And the every thing inside app data folder.

  • Kieron McIntyre 116 posts 359 karma points
    Apr 25, 2019 @ 13:12
    Kieron McIntyre
    0

    If it helps, I've only had this issue when the front end loads some cookie preference javascript (e.g. https://www.civicuk.com/cookie-control or https://www.cookiebot.com/en/) which then deletes the UMB-XSRF-TOKEN.

    In most cases the issue was still occurring even when the backoffice was the only tab open. In this scenario, I checked the browser's dev tools Network view and I could see that a backoffice resource was 404ing and so was in turn loading a front end page and loading the page's cookie preference javascript.

    Fix the 404(s) and it resolves the issue.

    Hope this helps someone.

  • Bo Jacobsen 590 posts 2366 karma points
    Jan 27, 2020 @ 13:51
    Bo Jacobsen
    0

    I just had this issue after upgradeing to 7.6.14

    I could solve it by changing clientdependency version to something higher.

    ~/config/clientDependency.config
    
    <clientDependency version="(Change to something higher)" fileDependencyExtensions=".js,.css" loggerType="Umbraco.Web.UI.CdfLogger, umbraco">
    
  • David Peck 687 posts 1863 karma points c-trib
    Feb 16, 2021 @ 10:53
    David Peck
    0

    Old thread but I was still getting this. The cause was that some of the login cookies were being ignore. Edge's WebDev tools were showing a warning in the login response that existing HTTPS cookie would supersede these cookies and so they would be ignored.

    I was logging in via http://localhost, and clearing the cookies via WebDev tools appeared to leave some previously set at https://localhost in place. Once I deleted these https cookies I was all good.

    I'm not sure how these cookies were set in the first place, but my guess is another project is set to use the backoffice via SSL.

  • David Houghton 10 posts 100 karma points
    Jul 14, 2022 @ 08:42
    David Houghton
    1

    Same As David, I know this is an old thread, but the issue can still occur.... caused by third party plug ins.

    My example was the CivicUk Cookie Control tool wiping certain Umb cookies when a user had tow or more tabs open, one for back office and one or more for frontend. Each time a front end page is reloaded, the cookie control would wipe the Umb tokens, so that when the user tried to reload a page in the back office, or save changes, the 417 HTTP was received as the expected cookies were missing.

    Simple solution is to add an exemption in the cookie config, as inmy case for Civic UK (https://www.civicuk.com/cookie-control/documentation):

    necessaryCookies: ['ASP.NET_SessionId', 'XSRF-TOKEN', 'XSRF-V', '__RequestVerificationToken', '__zlcmid', 'UMB*'],
    
  • Kieron McIntyre 116 posts 359 karma points
    Jul 14, 2022 @ 09:16
    Kieron McIntyre
    0

    Hi David H,

    I understand what you're saying. To clarify, this would happen only for sites where the backoffice is on the same domain as the front end.

    The following is how we have it set up in those cases. For production/staging sites, we have a conditional statement that checks whether the user is logged into the backoffice and if so the necessaryCookies: [...] are updated as you suggest. If not, the UMB* is not included.

    This gets a little trickier when we load the Civic JS and configuration via GTM but it's not difficult to pass data up for GTM to use.

    Either way, divulging that information for all requests is something that should be avoided. I personally try and avoid any .Net references or using any Umbraco API URLs etc in the FE.

Please Sign in or register to post replies

Write your reply to:

Draft