WP Discourse 1.9.5 bug

Hi @pgross! Have you resolved your problem? I’m getting exactly the same issue so I’m wondering whether there’s any issue with wordpress/discourse/plugin itself as I haven’t made any changes on blog or forum except upgrading them and plugins.

Same problem here, I only can think of something broken in the latest WP update (some hours ago…) :x (integration was working since 2015 :wink: )

Back to v 1.9.4 and it’s working again. 1.9.5 seems borked. :wink:

Happy debugging guys. :stuck_out_tongue:

1 Like

I had the same problem with wp-discourse 1.9.5 and discourse 2.3.5.
It seems with 1.9.5 the api_key and api_username has moved from the body to the header.
This causes the request to be “forbidden”:

Started POST "/posts" for at 2019-10-16 15:39:53 +0000
Processing by PostsController#create as */*
  Parameters: {<removed>}
Can't verify CSRF token authenticity.
  Rendering text template
  Rendered text template (0.0ms)
Filter chain halted as :verify_authenticity_token rendered or redirected
Completed 403 Forbidden in 4ms (Views: 1.0ms)

I guess this is (not yet) supported by 2.3? Anyway, adding the removed lines fixed the problem for me.

1 Like

Thanks! That’s the issue. I’ll revert that change for now.

1 Like

Thanks Grinch and Simon. Does that mean I can just take the new version and I will be good to go?


I’m not sure the next update (version 1.9.6) will solve the issue you are having, but it will fix issues introduced in version 1.9.5 for sites that are on Discourse 2.3.5. I’ll post in this topic when the new version is available on WordPress and you can try it out.

I believe the problem is the header field keys have a hyphen, not an underscore. E.g. Api-Key vs api_key. Likely mixed case in the headers vs all lowercase in the body matters too.

1 Like

Yes, that seems to be the problem. The field keys got added in that form in a few places. Normally I test the plugin on a production site before pushing a new version, but didn’t yesterday. I’m not sure why the incorrectly formatted fields are working on my dev site though.

Version 1.9.6 of the plugin should fix the issue. It will be in the WordPress repo later today.

WP Discourse version 1.9.6 is in the WordPress plugin repo now. It is still passing the API credentials in the request headers, but fixes an issue with incorrectly formatted header field keys. This should solve the issue.

Let me know if you are still having trouble with it. If you are getting errors, please let me know what version of Discourse you are using.

1 Like