[#46791] - Issue#46788 : Fix invalid token error when paginating editor-xtd modals
- Closed
- 31 Jan 2026
- Medium
- Build: 5.4-dev
- # 46791
- Diff
- VaishnaviSidral:Issue#46788
User tests: Successful: Unsuccessful:
Pull Request for Issue #46788 .
Summary of Changes
Fix pagination inside editor-xtd modal dialogs (Article/Menu/Module buttons) when editing articles from the frontend.
Pagination links were missing the CSRF token, causing Joomla to reject page navigation requests with an "invalid security token" error.
Testing Instructions
- Setup a user with frontend article edit permissions.
- Login in the frontend and edit an article.
- Click any editor-xtd button such as "Menu", "Module", or "+Article".
- Scroll down in the modal and click on pagination (e.g. page 2).
Actual result BEFORE applying this Pull Request
Clicking on another pagination page results in a blank modal with the error:
"The most recent request was denied because it had an invalid security token."
Expected result AFTER applying this Pull Request
Pagination works correctly inside the modal dialog and the next page of items is displayed without any security token error.
Link to documentations
Please select:
-
Documentation link for docs.joomla.org:
-
No documentation changes for docs.joomla.org needed
-
Pull Request link for manual.joomla.org:
-
No documentation changes for manual.joomla.org needed
Votes
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | Layout |
@VaishnaviSidral can you please fill all the pull request template fields like tests instructions etc so other people can understand and test your pull reuqest
Does not look like a right fix to me. The reason of the error is form token is not added automatically to pagination URL, I think the change like this https://github.com/joomla/joomla-cms/compare/5.4-dev...joomdonation:fix_invalid_token_pagination?expand=1 would be better
@Fedik As you introduced the method, how do you think about it?
@VaishnaviSidral this pull request is absolutely useless if you dont spend the 2 minutes describing what it is, what it does, and how to test it. There was a reason you were asked those questions when you created the pull request - it wasnt just for fun. Please edit the description of this pull request to preovide the missing information otherwise this will have to be closed
@joomdonation I not really remember that I did something with it.
Current PR is incorrect indeed.
For issue #46788 why we do ever check the token for navigation? It should not be need.
Maybe some recent changes in one of Controllers cause it?
@Fedik I saw the method added with your PR #44023, that was the reason I asked you. As for checking token, I'm unsure, maybe it was added to block random requests to these views, https://github.com/joomla/joomla-cms/blob/5.4-dev/administrator/components/com_modules/tmpl/modules/modal.php#L22-L24 . There are backend view layouts, accessed from frontend, but I'm unsure the exact reasons
I saw the method added with your PR #44023
That was some fix after the fix in pagination 😄
There are backend view layouts, accessed from frontend, but I'm unsure the exact reasons
I see. Well, I think for general navigation it is not need. Also it is available only for logged in user.
I suggest to close this PR and reopen the issue for now, need to check in detail what is going on.
It is a valid issue and should be fixed. If we need to keep form token in pagination URL, my proposed code could be used :)
It is a valid issue and should be fixed
That is why I suggest to reopen the original issue 😉
| Status | Pending | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2026-01-31 09:29:26 |
| Closed_By | ⇒ | joomdonation | |
| Labels |
Added:
Updates Requested
PR-5.4-dev
|
||
Thanks @VaishnaviSidral for attempt to fix the issue. It is more complicated and we decided that the solution you proposed here is not good enough, we will need more time to discuss and find a proper solution, so I'm closing this PR
i have check the code the code is running succesfully
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/46791.