CSRF errors after upgrading

etherweave

I just upgraded one of my sites using the updater from 1.4.33 to 1.4.34. Subsequently, I can login as usual, but when I attempt to edit a resource I get a blank screen. When I viewed the source of the frame it's showing "A possible CSRF attempt was detected. No referer was provided by the server." Any idea what might be causing this? The upgrade went smoothly otherwise -- no errors or anything.

Thanks!
Michael

fourroses666

I use a custom manager theme and had to replace the login.tpl file.
That CSRF message showed on login for me. (Cross Site Request Forgery)

In the manager I didn't had that issue. Did you cleared cache or tried an other browser?
My guesses are diffences in the source loading stuff with http and https or with and without www.

etherweave

I tried a few approaches, but nothing worked. I eventually isolated the issue as a plugin problem, so I disabled all plugins and gradually re-enabled them until the problem was resolved. (The plugin that was a problem was ElementsInTree.)

fourroses666

Maybe you need to update ElementsInTree (Extras). Never had that issue myself.