Anyone ever seen csrfGenerateToken() not work on a...
# adobep
Patrick S
08/09/2023, 1:31 PMAnyone ever seen csrfGenerateToken() not work on a Windows CF21 dev server (using IIS)? I've got the session variables enabled, but I get the incredibly useless "500 - Internal Server Error" when I visit a page that executes it even without any key or token passed to it. The same code works on our other servers, both Windows and Mac. ColdFusion has been updated to the current patched version...
m
Michael Schmidt
08/09/2023, 1:44 PMWhat do your logs say? We are running similar configuration and have not ran into this issue as of yet.
p
Patrick S
08/09/2023, 1:50 PMI figured it out... I had copied the page with the example code and hadn't moved over the parent application.cfc file which enabled the session management for that 'application.' Doh! Digging into the ColdFusion logs it did provide more color than just a 500 error thankfully.
🤦🏻♂️ 1
p
Patrick
08/09/2023, 2:40 PMWell in future you can always enable detailed error messages on IIS if need more insight to the error.
p
Patrick S
08/09/2023, 4:22 PMIn the Coldfusion-out.log it was recording the error as:`Enable SessionManagement to use CSRF Token. The specific sequence of files included or processed is:...`
3 Views