Skip to content

Firefox: Forbidden - CSRF token invalid

Created by: philjones

I've been following the quick-start + GitLab instructions for getting the new integration working within GitLab.

I got a must be logged into sourcegraph error in GitLab and even though I was logged in, I thought perhaps it needs the OAuth authentication setup - so I followed the instructions for configuring that and logged in.

The GitLab sign-in doesn't work - "The redirect URI included is not valid." though I'm pretty sure I followed the instructions - not sure if it's not happy about the port or the http sourcegraph (it's https).

Now every request to login (with the regular account I was previously using) is failing with "Forbidden - CSRF token invalid".

I've cleared cookies, session, tried new browsers, etc. - same issue.

I see a graphQL log image

ahead of each of the login attempt - not sure if that's "using up" the CSRF token.

I can't access the site configuration because I can't login so I can't undo the GitLab OAuth setup either.