c3c35f076c
Context: We have witnessed multiple, seemingly random "CSRF verification failed" errors while signing in (with valid ID) to the Studio. Explanation: The login form does not initially include a CSRF field. The CSRF header of the request is appended to the studio login request headers by intercepting the form validation. This intercept is performed by the login.js script. Unfortunately, the login.js script is loaded pretty late (at the end of the template). So if the login form is validated sufficiently fast, the login.js script has no time to load and append the X-CSRFToken header to the request. Proposed solution: the CSRF token is already passed to the template via the login view, so we just add a hidden field to the login form to include the csrf token.
This is the main edX platform which consists of LMS and Studio.
See code.edx.org for other parts of the edX code base.
Installation
Please refer to the following wiki pages in our configuration repo to install edX:
- edX Developer Stack
These instructions are for developers who want to contribute or make changes to the edX source code. - edX Full Stack
Using Vagrant/Virtualbox this will setup all edX services on a single server in a production like configuration. - edX Ubuntu 12.04 64-bit Installation
This will install edX on an existing Ubuntu 12.04 server.
License
The code in this repository is licensed under version 3 of the AGPL unless
otherwise noted. Please see the
LICENSE file
for details.
Documentation
Documentation for developers, researchers, and course staff is located in the
docs subdirectory. Documentation is built using
Sphinx: you can view the built documentation on
ReadTheDocs.
Getting Help
If you're having trouble, we have several different mailing lists where you can ask for help:
- openedx-ops: everything related to running Open edX. This includes installation issues, server management, cost analysis, and so on.
- openedx-translation: everything related to translating Open edX into other languages. This includes volunteer translators, our internationalization infrastructure, issues related to Transifex, and so on.
- openedx-analytics: everything related to analytics in Open edX.
- edx-code: everything related to the code in Open edX. This includes feature requests, idea proposals, refactorings, and so on.
You can also join our IRC channel: #edx-code on Freenode.
Issue Tracker
We use JIRA for our issue tracker, not GitHub Issues. To file a bug or request a new feature, please make a free account on our JIRA and create a new issue! If you're filing a bug, we'd appreciate it if you would follow our guidelines for filing high-quality, actionable bug reports. Thanks!
How to Contribute
Contributions are very welcome, but for legal reasons, you must submit a signed individual contributor's agreement before we can accept your contribution. See our CONTRIBUTING file for more information -- it also contains guidelines for how to maintain high code quality, which will make your contribution more likely to be accepted.
Reporting Security Issues
Please do not report security issues in public. Please email security@edx.org