Page MenuHomePhabricator

WikibaseLexeme browser tests failing with Invalid CSRF Token error
Open, NormalPublic

Description

WikibaseLexeme browser tests are failing locally after initial setup of docker dev. env.

The failures are caused by Invalid CSRF Token thrown in api calls via the bot within the tests.

It is not clear if it can always be reproduced by starting fresh and trying to run the tests, but that was my case (and the only one I know about yet). Though since then the failures are consistent.

Example failing spec tests/selenium/specs/form.edit.js.

Can be run solely by running chrome driver:

chromedriver --url-base=wd/hub --port=4444

and then running the spec (inside mediawiki core directory):

DISPLAY="" node_modules/.bin/wdio tests/selenium/wdio.conf.js --spec extensions/WikibaseLexeme/tests/selenium/specs/form.edit.js

Event Timeline

Restricted Application added a project: Wikidata. · View Herald TranscriptFeb 20 2019, 6:26 PM

So far I got here.

I get this by logging the rejection of WikibaseApi.createItem() calls inside LexemeApi.create() method (... WikibaseApi.createItem().catch(console.log) ... at lines 43 and 46):

{ Error: badtoken: Invalid CSRF token.

  at rawRequest.then (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/mwbot/src/index.js:257:31)
  at tryCatcher (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/util.js:16:23)
  at Promise._settlePromiseFromHandler (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/promise.js:512:31)
  at Promise._settlePromise (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/promise.js:569:18)
  at Promise._settlePromise0 (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/promise.js:614:10)
  at Promise._settlePromises (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/promise.js:694:18)
  at _drainQueueStep (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/async.js:138:12)
  at _drainQueue (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/async.js:131:9)
  at Async._drainQueues (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/async.js:147:5)
  at Immediate.Async.drainQueues (/home/alaasarhan/src/mediawiki/extensions/WikibaseLexeme/node_modules/bluebird/js/release/async.js:17:14)
  at runCallback (timers.js:810:20)
  at tryOnImmediate (timers.js:768:5)
  at processImmediate [as _immediateCallback] (timers.js:745:5)
errorResponse: true,
code: 'badtoken',
info: 'Invalid CSRF token.',
response: 
 { error: 
    { code: 'badtoken',
      info: 'Invalid CSRF token.',
      '*': 'See http://default.web.mw.localhost:8080/mediawiki/api.php for API usage. Subscribe to the mediawiki-api-announce mailing list at <https://lists.wikimedia.org/mailman/listinfo/mediawiki-api-announce> for notice of API deprecations and breaking changes.' },
   servedby: '802a7111447b' },
request: 
 { method: 'POST',
   headers: { 'User-Agent': 'mwbot/1.0.10' },
   qs: { format: 'json' },
   form: 
    { action: 'wbeditentity',
      new: 'item',
      data: '{"labels":{}}',
      token: '24a5a0e6af49141dd46dbb3c3f1e12475c6d2ecd+\\' },
   timeout: 120000,
   jar: true,
   time: true,
   json: true,
   uri: 'http://default.web.mw.localhost:8080/mediawiki/api.php' } }
alaa_wmde triaged this task as Normal priority.Apr 30 2019, 9:29 PM
alaa_wmde added a subscriber: Michael.

tagging @Michael. I'm prioritizing this a bit now as it negatively impacts our productivity when we need to run browser tests locally