CSRF token is invalid [Sonata Admin]

[nicolasjaco]

Hello,

I'm opening this issue because we have an issue with CSRF token in Sonata Admin (4.8.1).
We use Symfony (5.4) with PHP (7.3.33).

Currently we deactivate the csrf token to make work the Back Office but it's a temporary measure. We don't want to let the csrf deactivated but we don't know how to handle this issue.

I attach the screen of the issue.

Our config file is like this :
framework:
session:
storage_factory_id: session.storage.factory.native
handler_id: null

Let me know if you need more information
Thanks in advance for help

[jordisala1991]

Can you provide a repository that reproduces the problem? Or at least the steps you followed to get the error?

Looks like a configuration problem on your side with the info you provided.

[tschelhas]

I recently had the same issue.
In my case the reason was a big formular with a lot of multiple choice elements so the post action exceeded the php config value for "max_input_vars".

So u should check this config parameter against your posted values.

[rafa0805]

Hi folks!

I'm facing seemingly the same trouble after updating sonata-project/admin-bundle.
It seems that the following release of symfony/security-http is breaking something.
https://github.com/symfony/security-http/releases/tag/v5.4.31

versions of packages in my project is fixed to:

• sonata-project/admin-bundle: 4.29.1
• symfony/security-http: 5.4.31

[VincentLanglet]

It seems that the following release of symfony/security-http is breaking something. symfony/security-http@v5.4.31 (release)

If it's related to a symfony update, you should report this to symfony instead.