Traceback (innermost last):
Module ZPublisher.WSGIPublisher, line 162, in transaction_pubevents
Module ZPublisher.WSGIPublisher, line 371, in publish_module
Module ZPublisher.WSGIPublisher, line 274, in publish
Module ZPublisher.mapply, line 85, in mapply
Module ZPublisher.WSGIPublisher, line 63, in call_object
Module customcontent.addon.browser.ajax.ajax_call, line 12, in call
Module plone.protect.authenticator, line 126, in check
Forbidden: Form authenticator is invalid.
Shahkhan Sh via Plone Community wrote at 2024-1-18 13:28 +0000:
Traceback (innermost last):
...
Module plone.protect.authenticator, line 126, in check
Forbidden: Form authenticator is invalid.
Authenticator checks are a Plone measure to protect
against CSRF (= "Cross Site Request Forgery"):
If Plone generates a form, it automatically adds a hidden field
containing the currently valid authenticator value.
If you create the form yourself, you must do something similar.