Gitlab account acces error: "422 The change you requested was rejected."

Question

This question asked by coderss but restarting the computer seems to noneffective.

422 The change you requested was rejected. Make sure you have access to the thing you tried to change. Please contact your GitLab administrator if you think this is a mistake.

I have above error in Firefox under Linux but I have access in Chromium. That's looks like typical cookie problem.

I tried clear all Gitlab related cookies then restarted computer without any new sign in attempt. and restarted computer :) yeah I just try

But still same error, same browser.

How can I handle this problem?

This error also occurs at forgot password section and in private tab of Firefox.

Is there another Gitlab related cookie?

Answer 1

The issue should be fixed not only with cookies as discribed, but also with a correction of time system. I faced exactly the same problem: unable to connect with Firefox, even with a reset of cookies, but I was able to connect with Chrome. (That sounds strange because my clock system was false even on Chrome.)

The solution came with this very short explanation:

"it's was because my local time zone wasn't set up properly (and was messing with cookies)" Source: https://www.reddit.com/r/gitlab/comments/cv7pov/422_error_on_wwwgitlabcomuserssignin_and/ey7l7lz?utm_source=share&utm_medium=web2x&context=3

Answer 2

This was followed by issue 35447 and issue 40898.

The last one included:

Ok, I suspect the issue here for many people is that the GitLab session cookie is set to Secure here: https://gitlab.com/gitlab-org/gitlab-ce/blob/9c491bc628f5a72424b82bb01e2457150bf2e71c/config/initializers/session_store.rb#L25

Setting the right SSL headers fixes the problem.

If, for some reason, the connection doesn't appear to be an HTTPS connection, Rails won't send a cookie, and the client won't be able to login. You may be able to confirm this by checking the response headers in the GET /users/sign_in endpoint: if you see a _gitlab_session cookie being sent the first time you load the page, then things are working properly.

And:

JuKu JuKu @JuKu · 1 year ago

Solution for HaProxy:

Add these line to your frontend: reqadd X-Forwarded-Proto:\ http

After this change, it worked for me.

See also: https://www.digitalocean.com/community/tutorials/how-to-implement-ssl-termination-with-haproxy-on-ubuntu-14-04

That would avoid the dreaded:

But it depends on the type of GitLab used (gitlab.com or an on-premise GitLab, and the type of Web server used)

For example, issue 53085 refers to issue 54493:

The group had internal availability, while one of it's projects was public (not the one I was having so much trouble with, which was private).

Making the group public solved the problem.

---

The OP maxemilian reports in the comments it is working now with Firefox on Manjaro:

I checked my updates diary, but only zoom matches between Firefox access time successfully.
I pretty sure this was related to GitLab login code. Suspicious dates (Jan 6- Jan 21 and Feb 3- Feb 6).
I think This update done by GitLab the dates between Feb 3- Feb 6.