<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">I have seen this in multiple paths – not in Shibboleth login, but only because I rarely do that. I have not seen an uptick in complaints from our users, but I will ask our support team to be on the lookout. With an average of 30K Shibboleth
logins a day, I would expect that at least a few users might be affected.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">On 4/6/22, 5:18 PM, "users" <users-bounces@shibboleth.net> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">>>>>>Caution: This message did not originate from within Ithaka's email system. Please use caution when opening attachments and following links within this message.<<<<<<br>
<br>
We've recently (last day or so) seen an uptick in Chrome users getting <br>
CSRF token verification failed errors. Wondering if anyone else is <br>
seeing this.<br>
<br>
In some cases it looks like it might be a Chrome extension that is <br>
interfering (possibly an Adobe extension but there's not enough data to <br>
say for sure).<br>
<br>
In the current incarnation, using incognito mode or a different Chrome <br>
profile(?) works fine (which tends to support the extension interference <br>
hypothesis).<br>
<br>
-- <br>
%% Christopher A. Bongaarts %% cab@umn.edu %%<br>
%% OIT - Identity Management %% <a href="http://umn.edu/~cab">http://umn.edu/~cab</a> %%<br>
%% University of Minnesota %% +1 (612) 625-1809 %%<br>
<br>
-- <br>
For Consortium Member technical support, see <a href="https://shibboleth.atlassian.net/wiki/x/ZYEpPw">
https://shibboleth.atlassian.net/wiki/x/ZYEpPw</a><br>
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net<o:p></o:p></p>
</div>
</div>
</body>
</html>