CSRF validation failed - where could be a problem?

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Accounting
Inventory
PoS
Project management
MRP

Take the tour

Posts People Badges

Tags View all

odoo accounting v7 pos invoice

About this forum

Help

CSRF validation failed - where could be a problem?

5096 Views

cache website_crm odooV9 CSRF

Thomas Pilarski

This is a duplicate of already asked problem, but I cannot reply or communicate, as I have no carma here and I need some upvotes.

https://www.odoo.com/forum/help-1/question/csrf-validation-failed-where-could-be-a-problem-102554

The formular handling seems to be broken somehow. I have not found any information, which could solve the problem. The culprit seems to be caching of the csrf token. I have opened different browsers in private mode and the javascript code is generated with exact the same token. If concurrent users are using the submit form, only one user can complete the form.

           <script type="text/javascript">
                odoo.define('web.csrf', function (require) {
                    var token = "204bdeeab8a109dddff1864d004db3059600e686o";
                    require('web.core').csrf_token = token;
                    require('qweb').default_dict.csrf_token = token;
                });
            </script>

I have seen the problem in an signup form, as only one user in 5 minutes could signup. I could bypass the problem by making my own lead contact module and disable the cache on the request definition. After the changes, the signup rate rises up to a normal level.

Has someone used the crm_lead form without the csrf problem?

This question has been flagged