Bug #7625
closedUser unable to register - gets "Forbidden" message
0%
Description
Hi - This is an issue coming from Zendesk. User is trying to register for the Commons and is getting "Forbidden" message. See attached. She is using a cell phone.
Files
Updated by Boone Gorges almost 8 years ago
- Status changed from New to Reporter Feedback
Hi Scott - Thanks for the report. Did the user provide any information about exactly how the error was arrived at? Specifically, how did the user first get to the Register page? The Forbidden message is a spam-prevention tool that should only be triggered when the registration form is submitted without first visiting another page on the Commons; is it possible that the user navigated directly to https://commons.gc.cuny.edu/register/ without first visiting another page? (If this is in fact what happened, I still consider it a bug, but knowing one way or the other will help narrow down where to start looking.)
Additionally, it'd be helpful to know whether the user has any non-default settings in the device's browser. Specifically, any settings that prevent the browser from accepting cookies from the Commons have the potential to cause an error like this.
Updated by scott voth almost 8 years ago
Hi Boone - When she first reported the issue I sent her the direct link - so she probably did not visit another Commons page. But on the initial time, she access it via main page. I have asked about her brower settings.
Updated by Boone Gorges almost 8 years ago
Thanks, Scott. Let me know what you hear back.
For my own notes: our cookie-based blocking technique doesn't block only POST, but any visit to /register/ that doesn't contain the proper cookie. Perhaps this should be revisited, since the initial GET request would set the cookie on a normal visit.
Updated by Boone Gorges over 7 years ago
- Target version set to Not tracked
Hi Scott - Did you ever hear back from this user?
I'm a bit concerned that this issue pops up more frequently than we hear about, because users who run into the problem simply give up and walk away. I'm going to loosen the restriction, so that only POST requests are blocked. https://github.com/cuny-academic-commons/cac/commit/f32c1f7f0f0b30b3db5a997c2d45be87cd60e3f4
Updated by Boone Gorges about 7 years ago
- Status changed from Reporter Feedback to Resolved
Haven't heard back, so I'm assuming it's not a huge issue anymore.