CSRF token verification failed and Session invalid

Infos:

  • Used Zammad version: 6.3.1-95
  • Used Zammad installation type: docker-compose
  • Operating system: Ubuntu 24.04
  • Browser + version: Chrome 126.0.6478.182 / Firefox 128.0.2

Expected behavior:

  • Log In → Log out → Log in → Log out → Log in …

Actual behavior:

  • Log in → Log out → CSRF token verification failed

Similar to that Issue:
Login User: CSRF token verification failed

Steps to reproduce the behavior:

  • Run docker-compose
  • Configure Zammad
  • Log in (already logged in after setup)
  • Log out
  • CSRF token verification failed

I’m using Zammad behind a reverse proxy. I had a look into your .examples/proxy and, as far as I understand it, it would spin up an additional Nginx that acts as a reverse proxy. I already have one and I use Caddy, so that one points to Zammad’s default port 8080.

Because everything seems to work pretty well (until I log out), I don’t suspect it’s the reverse proxy’s issue.

Another thing that might or might not be related is that I can’t take over a session. Meaning: if I’m logged in in Chrome and I want to log in in Firefox, it stops the session in Chrome, but tells me the session is invalid in Firefox … after flashing me with the dashboard …

BTW: I’m running version 6.2.0-1 the same way. The only difference: Caddy, the reverse proxy, is on the same machine. There I don’t have that issue.

Just tested it again to ensure everything’s the same between the old and new version (except the location of the proxy) and am still getting the same behaviour.


Solution:

Set upstream headers in the Caddy config.

reverse_proxy * 192.168.x.x:8080 {
	header_up Host {http.request.host}
	header_up X-Real-IP {http.request.remote}
	header_up X-Forwarded-For {http.request.remote}
	header_up X-Forwarded-Proto https
	header_up X-Forwarded-Ssl on
}
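Why those header_up lines matter: Zammad is a Rails application, and Rails' CSRF protection (with forgery_protection_origin_check enabled) compares the browser's Origin header against the base URL the app reconstructs from Host and the X-Forwarded-* headers. If the proxy terminates TLS but the app only sees a plain-HTTP upstream connection, it builds http://host while the browser sends Origin: https://host, and the token check fails after the first logout/login cycle. The following added Python example (not Zammad's, Rails' or Caddy's code) simulates that reconstruction following Rack's header rules; the hostname zammad.example.com and both request header sets are constructed for illustration.

```python
"""
Simulate a Rails-style CSRF origin check behind a TLS-terminating proxy.

The scheme/host derivation mirrors Rack::Request (X-Forwarded-Ssl: on or the
first X-Forwarded-Proto value selects https; X-Forwarded-Host overrides Host).
Added illustration, not code from Zammad, Rails, Rack or Caddy.
"""
from dataclasses import dataclass, field


@dataclass
class UpstreamRequest:
    """The request as the application sees it after passing through the proxy."""
    headers: dict = field(default_factory=dict)

    def header(self, name: str):
        # HTTP header names are case-insensitive
        for key, value in self.headers.items():
            if key.lower() == name.lower():
                return value
        return None

    @property
    def scheme(self) -> str:
        # Rack trusts X-Forwarded-Ssl / X-Forwarded-Proto from the proxy;
        # without them the scheme of the upstream hop (plain http) is used.
        if self.header("X-Forwarded-Ssl") == "on":
            return "https"
        proto = self.header("X-Forwarded-Proto")
        if proto:
            return proto.split(",")[0].strip()
        return "http"

    @property
    def host(self) -> str:
        return self.header("X-Forwarded-Host") or self.header("Host")

    @property
    def base_url(self) -> str:
        return f"{self.scheme}://{self.host}"


def origin_check_passes(request: UpstreamRequest) -> bool:
    """Rails' origin check: Origin may be absent, but if present it must equal base_url."""
    origin = request.header("Origin")
    return origin is None or origin == request.base_url


# Constructed request: proxy forwards Host only, no scheme information.
# The browser talked https to Caddy, so its Origin header says https.
WITHOUT_FORWARDED_HEADERS = UpstreamRequest({
    "Host": "zammad.example.com",
    "Origin": "https://zammad.example.com",
})

# Constructed request: the header_up lines from the solution post applied
# (Host, X-Forwarded-For, X-Forwarded-Proto, X-Forwarded-Ssl).
WITH_FORWARDED_HEADERS = UpstreamRequest({
    "Host": "zammad.example.com",
    "X-Forwarded-For": "203.0.113.10",
    "X-Forwarded-Proto": "https",
    "X-Forwarded-Ssl": "on",
    "Origin": "https://zammad.example.com",
})


def diagnose(request: UpstreamRequest) -> str:
    """Return a one-line verdict useful when debugging a proxied deployment."""
    if origin_check_passes(request):
        return f"ok: app base_url {request.base_url} matches Origin"
    return (f"CSRF token verification failed: app base_url {request.base_url} "
            f"!= Origin {request.header('Origin')}")


if __name__ == "__main__":
    for label, req in (("bare proxy", WITHOUT_FORWARDED_HEADERS),
                       ("with header_up", WITH_FORWARDED_HEADERS)):
        print(f"{label:15} -> {diagnose(req)}")
```

The same reconstruction explains the session symptom: a session cookie issued for an https origin is not considered valid for what the app believes is an http one, so forwarding the scheme fixes both problems at once.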

The solution worked for me too, thank you!

A related post, for the record: Setting Up Zammad with Caddy: Avoiding CSRF Token Errors - My Learnings | TilSeiffert. The header_up arguments are a bit leaner there.
