Fix microcopy for CSRF validation failure. Remove display of bad

rouilj · rouilj · commit 4ed123a0a585 · 2019-07-15T20:41:24.000-04:00
token, I mean what is the user going to do with it. Details are logged
so no info is lost. Make verbage more user friendly. Suggest
re-entering unsaved data and trying again.
diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py
@@ -1304,7 +1304,7 @@ def handle_csrf(self, xmlrpc=False):
                 logger.error(
                     self._("Csrf mismatch user: current user %s != stored user %s, current session, stored session: %s,%s for key %s."),
                     current_user, nonce_user, current_session, nonce_session, key)
-                raise UsageError(self._("Invalid csrf token found: %s")%key)
+                raise UsageError(self._("We can't validate your session (csrf failure). Re-enter any unsaved data and try again."))
             elif enforce == 'logfailure':
                 logger.warning(
                     self._("logged only: Csrf mismatch user: current user %s != stored user %s, current session, stored session: %s,%s for key %s."),
@@ -1314,7 +1314,7 @@ def handle_csrf(self, xmlrpc=False):
                 logger.error(
                     self._("Csrf mismatch user: current session %s != stored session %s, current user/stored user is: %s for key %s."),
                     current_session, nonce_session, current_user, key)
-                raise UsageError(self._("Invalid csrf session found: %s")%key)
+                raise UsageError(self._("We can't validate your session (csrf failure). Re-enter any unsaved data and try again."))
             elif enforce == 'logfailure':
                     logger.warning(
                         self._("logged only: Csrf mismatch user: current session %s != stored session %s, current user/stored user is: %s for key %s."),
