Feature #10569

Save user data on invalid form authenticity token

Added by Emanuel Rietveld over 10 years ago. Updated about 1 month ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:


Category:Accounts / authentication
Target version:-


Sometimes, when a user leaves a tab open with an issue, and meanwhile somehow gets signed out, the user may try to update the ticket without realizing she is not logged in. In this case, she may spend a long time typing an update to the ticket, which then gets lost when she submits it. Instead of printing only 'invalid form authenticity token' redmine may write something like

Invalid form authenticity token. This can happen if your session has timed out. Please try to log in again. Here is the text you submitted, so you can save it:


That way, the user can copy her work to a text editor, before logging in again and submitting the update again. This would be a usability improvement.

Related issues

Related to Redmine - Patch #15234: A popup message after session timeout New


#1 Updated by Karel Pičman almost 9 years ago

I've tried to solve the session timeout problem here #15234.

#2 Updated by Toshi MARUYAMA almost 9 years ago

  • Category changed from UI to Accounts / authentication

#3 Updated by Toshi MARUYAMA almost 9 years ago

  • Related to Patch #15234: A popup message after session timeout added

#4 Updated by Andrew Leech over 7 years ago

This same issue had hit me a number of times. I've found however that hitting back on the browser (chrome for me) does work for me, my text is just hidden.

After typing and entry that is an update to an existing issue, then hitting submit and finding the login page popup, I hit back on browser once and get back the page I was editing.
The text is initially gone, but if I hit the update button the edit box comes back with the text still in it. I can copy it then, re-login, and paste text back again.

#5 Updated by Martin von Wittich about 1 month ago

This happens what feels like once per month to me, when I'm taking a long time to create a new issue, and is super annoying. The fact that the Back button of the browser simply returns to an empty form makes this especially egregious. The only way to recover the issue text is to open the network inspector and manually copypaste it from the POST data.

Also available in: Atom PDF