Jump to content

Problem with cache and token in URL for some BO menu items - NOT "INSECURE TOKEN" ISSUE


Recommended Posts

This question relates to my earlier post https://www.prestashop.com/forums/topic/636915-solved-prestashop-redirects-to-login-screen-when-accessing-some-bo-menu-items/ which I thought was resolved but isn't. I am starting a new post because some information in the old one didn't relate to the actual issue, so for more clarity here it is revised:

Since moving my client site to a new hosting server (where I have a number of other Prestashop sites hosted without any problem), my client's site has problems accessing some back office menu items, namely Orders, Customers and Performance. If you click on any of these, you get redirected to the login screen. Not crashed out, just redirected. Going backwards in the browser brings us back in.

For the Order page for example, the URL for the menu item is:

https://www.XYZcompany.com/shop/admin/index.php?controller=AdminOrders&token=4da9c0650556eb6956c784aa1b14a2bb

However, if we click on it, it becomes:

https://www.XYZcompany.com/shop/admin/index.php?controller=AdminLogin&token=af3bdebf540cc4942582bb9479e49ba2&redirect=AdminOrders

and redirects to the login page.

But, if we copy this link directly into the browser but REMOVE the token part, it opens the Orders page correctly:

https://www.XYZcompany.com/shop/admin/index.php?controller=AdminOrders

 

Yesterday, we did this a few times. At first, after accessing the Orders page with the ex-token URL and then moving around to other menu items, when getting back to Orders we would still get redirected to the login screen. But after a while, a new token seemed to have been generated that the system was happy with and we could access Orders by clicking on the menu as normal. So I thought the issue was resolved. However, this morning we are back to the redirect, and so far I have not been able to resolve it.

Any suggestions from developers with a better understanding of tokens would be appreciated. I can only find information realting to error messages about "Invalid Security Tokens" but there are no error messages for us, just the redirect.

Thanks!!

Edited by intandem (see edit history)
Link to comment
Share on other sites

We realised that the issue only came up in Chrome browser. The issue got TEMPORARILY resolved by clearing the browser cache of cookies as well as files. Cookies alone does not help. However, later in the day the same issue came back - not necessarily for the same problem pages but could be, for example, a specific order not opening but redirecting. Cleared cache again, all good. The next morning, same problem and cannot even log into the site without clearing the cache again.

Any ideas???

Edited by intandem (see edit history)
Link to comment
Share on other sites

  • 1 month later...
  • 2 years later...
  • 2 years later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...