Hi, we've updated to version 9.12 from 9.4 (we will update to newer versions in following weeks), and when editing a document the Dojo UI stops working and the browser console shows this message: "Unable to load /EPiServer/cms/Stores/contentdata/1388457_1636022 status: 500".
Investigating I've found the issue is present in these 2 calls made by the Dojo UI:/cms/Stores/contentversion//EPiServer/cms/Stores/inusenotification/
On the server side the exception is the following (I've replaced sensible data with *):
Cross-site request forgery detected [Client IP: 2.229.**.**, Referer: http://epistaging.**.it:81/EPiServer/Cms/, Url: http://epistaging.**.it:81/EPiServer/cms/Stores/contentversion/, User: IIS APPPOOL\appBeta.**.it]
System.InvalidOperationException: This request has probably been tampered with. Close the browser and try again.in EPiServer.Framework.Web.AspNetAntiForgery.ThrowForgeryException()in EPiServer.Shell.Services.Rest.RestHttpHandler.ValidateAntiForgeryToken(HttpContextBase httpContext)in EPiServer.Shell.Services.Rest.RestHttpHandler.GetController(HttpContextBase httpContext)in EPiServer.Shell.Services.Rest.RestHttpHandler.BeginProcessRequest(HttpContextBase context, AsyncCallback callback, Object extraData)in EPiServer.Shell.Services.Rest.RestHttpHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)in System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()in System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)in System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Any help is very welcomed
Have you tried and closed ALL your browser windows (as the message suggests) and then access edit, does it still give this exception?
Also what you can do is look at your cookies for the site, find the cookie __epiXSRF and delete it, log out and login, still same error. I've had this similiar issue in the past and on one site it got fixed by just closing all broswer windows, starting new browser instance (as this should automatically clear the __epiXSRF cookie as it is set per session) and on another one i deleted the cookie myself and logout/login (the cookie gets set during login).
Hi Antti, thanks for help. I've tried what you suggest but I still got the error. Because in development environment everything is ok but in the staging environment I've got the issue, I've just erased completely the staging environement and re-installed it from zero: new IIS application, new restored database, everything.Now the issue is gone.