Details
-
Bug
-
Resolution: Fixed
-
High
-
2.3.0-rc2
Description
CRSF token in Form Builder can be cached by Varnish, which makes submitting the form impossible for the first time after it's cached.
Steps to reproduce:
1. Login as admin
2. Create new Form under Home
3. Add Single Line input, Captcha and Button form fields
4. Publish the form
5. Visit the form on the frontend
6. Submit a sample submission using the form
7. Using another browser: visit yoursite/login and login as admin
8. Visit the same form (still using the second browser)
9. Send a second submission
Expected:
Submission is sent
Actual:
Message about invalid CRSF token is displayed:
The CSRF token is invalid. Please try to resubmit the form.