Cross Site Request Forgery (XSRF)

Random stuff about serendipity. Discussion, Questions, Paraphernalia.
Post Reply
Imajica
Regular
Posts: 59
Joined: Mon Dec 05, 2016 5:26 pm
Location: Racine
Contact:

Cross Site Request Forgery (XSRF)

Post by Imajica »

Morning Folks

I'm running into an issue using Serendipity 2.1-rc1 and PHP 5.6.30
I have 2 sites in development one is at www.notmywebsite.com/portal
the second is at www.notmywebsite.com/also.notmywebpage.com

the first one is my main site and the second is a site I am working on for a friend of mine.
each has isn't own database and are in separate subdurectories

\When I try to update plugins via spartacus I get this error.

Code: Select all

Your browser did not sent a valid HTTP-Referrer string. This may have either been caused by a misconfigured browser/proxy or by a Cross Site Request Forgery (XSRF) aimed at you. The action you requested could not be completed.
I did look around the forums and the solutions I read thru don't seem to apply
I tried to read the german forums, but it's not a language I speak.

any ideas?

John
MarioH
Regular
Posts: 238
Joined: Mon Jul 20, 2009 10:53 pm
Contact:

Re: Cross Site Request Forgery (XSRF)

Post by MarioH »

Hi,

this is a known error in 2.1rc1 and here is how to fix it:

You have to change 2 lines in the plugins php file.

https://github.com/s9y/Serendipity/comm ... 2f8c87b305

Regards
Mario
Imajica
Regular
Posts: 59
Joined: Mon Dec 05, 2016 5:26 pm
Location: Racine
Contact:

Re: Cross Site Request Forgery (XSRF)

Post by Imajica »

thanks.. I musta missed that one

John
Post Reply