cookies - Gitlab 帐户访问错误 : "422 The change you requested was rejected."

Question

这个问题asked来自 coderss但是重新启动计算机似乎无效。
422
您请求的更改被拒绝。
确保您可以访问您尝试更改的内容。
如果您认为这是一个错误，请联系您的 GitLab 管理员。
我在 Linux 下的 Firefox 中出现上述错误，但我可以在 Chromium 中访问。
这看起来像典型的 cookie 问题。
我尝试清除所有与 Gitlab 相关的 cookie，然后在没有任何新登录尝试的情况下重新启动计算机。并重新启动计算机 :) 是的，我只是尝试
但仍然是同样的错误，同样的浏览器。
我该如何处理这个问题？
此错误也发生在忘记密码部分和 Firefox 的私有(private)选项卡中。
是否有另一个与 Gitlab 相关的 cookie？

Answer 1

紧随其后的是 issue 35447和 issue 40898 .
最后一项包括:

Ok, I suspect the issue here for many people is that the GitLab session cookie is set to Secure here: https://gitlab.com/gitlab-org/gitlab-ce/blob/9c491bc628f5a72424b82bb01e2457150bf2e71c/config/initializers/session_store.rb#L25

Setting the right SSL headers fixes the problem.

If, for some reason, the connection doesn't appear to be an HTTPS connection, Rails won't send a cookie, and the client won't be able to login. You may be able to confirm this by checking the response headers in the GET /users/sign_in endpoint: if you see a _gitlab_session cookie being sent the first time you load the page, then things are working properly.

和:

JuKuJuKu @JuKu · 1 year ago

HaProxy 的解决方案:

Add these line to your frontend: reqadd X-Forwarded-Proto:\ http

After this change, it worked for me.

See also: https://www.digitalocean.com/community/tutorials/how-to-implement-ssl-termination-with-haproxy-on-ubuntu-14-04

这将避免可怕的:

但这取决于使用的 GitLab 类型(gitlab.com 或内部部署的 GitLab，以及使用的 Web 服务器类型)
例如， issue 53085指 issue 54493 :

The group had internal availability, while one of it's projects was public (not the one I was having so much trouble with, which was private).

Making the group public solved the problem.

OP maxemilian报告在 the comments它现在在 Manjaro 上与 Firefox 一起使用:

I checked my updates diary, but only zoom matches between Firefox access time successfully.
I pretty sure this was related to GitLab login code. Suspicious dates (Jan 6- Jan 21 and Feb 3- Feb 6).
I think This update done by GitLab the dates between Feb 3- Feb 6.