XF 2.2 GSC and cookies consent URL

  • Thread starter Thread starter Deleted member 184953
  • Start date Start date
D

Deleted member 184953

Guest
Hello, since the January 21th i receive a lot of URL errors in GSC, 3.6K of this kind of URL:
https://xenforo.fr/misc/cookies?update=1&reject=1&t=1674994290,d71df2eb1236ef187440fa26d77167eb
https://xenforo.fr/misc/cookies?update=1&accept=1&t=1675076268,279b19e95b315beba530f32200313e8f

@digitalpoint can you think it could be linked to the Cloudflare add-on ?
@mazzly or your AMP add-on ?

Thanks guys.
 
Sort by date Sort by votes
My guess is that it stems from the fact that XenForo is using CSRF tokens in GET requests and those tokens become invalid before too long. Which means those URLs will throw an error if accessed later (a search engine spider doesn’t instantly spider all links right when it sees them).

IMO, XenForo should change the places where it uses CSRF tokens in GET requests to POST requests (for this and other reasons).
 
Upvote 0 Downvote
Thanks,
So the initial "problem" would come from XF but would be revealed by your Cloudflare add-on, did I understand correctly?

It's not very disturbing these errors in the GSC, I also asked for the deletion of URLs starting with https://xenforo.fr/misc/cookies?update. I'm just trying to understand.
 
Upvote 0 Downvote
No, doesn’t have anything to do with Cloudflare add-on. XenForo has a few URLs with expiring CSRF tokens embedded in the URL in a few places (for example the advanced cookie consent pop up). It does that in a vanilla installation. It’s not the “right” way to do it, but it does it that way for some reason.
 
Upvote 0 Downvote
Ok, understood. What surprises me is that these errors only appeared in the GSC from January 21, while I installed 2.2.12 and the advanced cookie consent from December 8. Perhaps Google's indexing lag.
 
Upvote 0 Downvote
As an example, you can look at Google's last spidering of the XenForo community page here:

webcache.googleusercontent.com

XenForo community

Forum software by XenForo
webcache.googleusercontent.com webcache.googleusercontent.com

If you get the URL on that page that is used to accept cookies, you get an error if you use it:


...basically the same thing that happens to Google.

You could of course block those URLs with robots.txt since they serve no purpose as far as spidering content, but the "right" thing to do would be for XenForo to switch it's usage of CSRF tokens to be POST requests.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Rhodium
Confirmed Preview editor and cookies
Replies
0
Views
42
Rhodium
Rhodium
dethfire
  • Question Question
XF 2.2 5 of my sitemaps aren't listed in GSC and I get Error code: Out of Memory
Replies
7
Views
714
dethfire
dethfire
Scandal
XF 2.0 XF2 and Cookies Management (via ->setCookie) issues
Replies
3
Views
1K
Scandal
Scandal
Stuart Wright
  • Suggestion Suggestion
Lack of interest UK 'right to be forgotten' to include IPs and cookies
Replies
4
Views
811
Chris D
Chris D
Back
Top Bottom