Created attachment 67842 [details] Screenshot Today I did several attempts to submit a bug, but I failed from Seamonky and Firefox browser (no others tested). Steps how to reproduce: 1. Go to <https://www.libreoffice.org/> 2. Click 'Get Help' -> 'Bub' Assistant appears 3. Component = Drawing Sub Component = FILEOPEN version = 3.3.0 Beta2 Subject = paticular .CDR (7) shows pixel picture text contents blue instead of read Long Description: see at the end of the report 4. <Submit> Expected: bug Report Submission Actal: : I get Message "It looks like you didn't come from the right page (you have no valid token for the" ---- Long Description ---- Steps to reproduce: 1. Open attached "staefa.cdr" in LibO 3.6 Expected: Text is red Actual: Text is blue I created this document in 2001 and can't remember whether I scanned that or made a snapshot of a PDF or whatever else. Browser: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20120909 Firefox/15.0.1 SeaMonkey/2.12.1
<https://bugs.freedesktop.org/buglist.cgi?chfield=[Bug%20creation]&chfieldfrom=-30d&chfieldto=Now&columnlist=component%2Cbug_status%2Cresolution%2Cshort_desc%2Cversion%2Cbug_severity%2Cop_sys%2Copendate&list_id=137178&product=LibreOffice&query_format=advanced&status_whiteboard=BSA&status_whiteboard_type=allwordssubstr&order=opendate%2Cbug_id&query_based_on=> shows not more Bug reports with BSA since 2012-09-23, the day where we got the update for Bugzilla. @Rob: That's urgent, can you help?
This is what actually returned by bugzilla. I transformed it into plain text. --->8--- It looks like you didn't come from the right page (you have no valid token for the create_bug action while processing the 'post_bug.cgi' script). The reason could be one of: * You clicked the "Back" button of your web browser after having successfully submitted changes, which is generally not a good idea (but harmless). * You entered the URL in the address bar of your web browser directly, which should be safe. * You clicked on a URL which redirected you here without your consent, in which case this action is much more critical. Are you sure you want to commit these changes anyway? This may result in unexpected and undesired results. [button]Confirm Changes[/button] Or throw away these changes and go back to index.cgi. --->8---
From https://wiki.mozilla.org/Bugzilla:REST_API:Objects#Bug > update_token: Token you'll need to submit to change the bug; supplied only when logged in Also, tested by submitted a new bug via this bugzilla interface, it sent a "token" field when doing POST post_bug.cgi In conclusion, we need a token string. But I don't know how to get it in BSA. Possible solutions in my thoughts: (A) Change BSA to use Bugzilla REST API https://wiki.mozilla.org/Bugzilla:REST_API But this requires much works, both by fdo admin and libo sides. (B) Use Bugzilla API (XML-RPC) http://www.bugzilla.org/docs/4.2/en/html/api/ (C) Maybe some configurations / hacks to turn off checking for token will help. But this will be less secure and I don't know if this is possible. Or are there more possible solutions that I can't think of? Probably ;)
Ouch, the "token" field is in page enter_bug.cgi?product=LibreOffice&bug_status=UNCONFIRMED and appears as: <input type="hidden" name="token" value="$token_value"> If only we could get it into BSA ...
(In reply to comment #4) > Ouch, the "token" field is in page > enter_bug.cgi?product=LibreOffice&bug_status=UNCONFIRMED Beware! Token is NOT the same as in enter_bug.cgi (product selection page)
Created attachment 67876 [details] UNTESTED patch One of admins please apply the attached patch and see whether it works. Thanks.
Created attachment 67952 [details] fixes the bug The bugassistant works again with this patch. As can be verified through this link: https://bugassistant.libreoffice.org/libreoffice/bug/bug.html Can the website point back again to the bugassistant?
I made an error with the patch I send. I committed the correct one now: http://cgit.freedesktop.org/libreoffice/website/commit/?id=c247d268474d62fdbab76cb671203c4385d9a5ea Many thanks for Korrawit for the heads up.