--- Comment #2 from Bryan Davis <> ---
The guess about session cleanup is just that... a guess.

If that is the problem it would be possible to add a javascript heartbeat
callback that would keep the server side session alive while people were parked
on the application form. Pinging back to the server every 5 minutes or so
should be enough to keep the session alive. The client side script could even
be really smart and only make the pings if there had been mouse/keyboard
activity since the last ping went out.

An alternate solution might be to fire a quick ajax request on form submit that
validated that the XSRF token was still good and if not acquired a new one and
wrote it into the form before letting the browser continue to submit.

You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to