[Webkit-unassigned] [Bug 245275] submitting html contact form with csrf cookie
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Oct 4 12:23:35 PDT 2022
https://bugs.webkit.org/show_bug.cgi?id=245275
--- Comment #3 from wgordonw1 at gmail.com ---
We attempted this path before submitting the issue. The workflow is complicated in this application and it was reported to be frustrating by testers - the current leading suggestion is to remove CSRF protection but that seems like a bad long term solution to me.
>From memory the data entry experience was frustrating because the form had to be filled out multiple times due to the greeting redirect and cookie prompts - I believe we had to let the user fill out the form, wait for them to click submit, then redirect to the greeting page, have them click a button that goes backwards in history, then they have to click a popup to allow cookies, then the page needs to be refreshed, then they have to fill out the form and hit submit.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20221004/508188dc/attachment.htm>
More information about the webkit-unassigned
mailing list