Page 1 of 1

Cross Site Request Forgery (XSRF)

Posted: Mon Mar 20, 2017 3:35 pm
by Imajica
Morning Folks

I'm running into an issue using Serendipity 2.1-rc1 and PHP 5.6.30
I have 2 sites in development one is at www.notmywebsite.com/portal
the second is at www.notmywebsite.com/also.notmywebpage.com

the first one is my main site and the second is a site I am working on for a friend of mine.
each has isn't own database and are in separate subdurectories

\When I try to update plugins via spartacus I get this error.

Code: Select all

Your browser did not sent a valid HTTP-Referrer string. This may have either been caused by a misconfigured browser/proxy or by a Cross Site Request Forgery (XSRF) aimed at you. The action you requested could not be completed.
I did look around the forums and the solutions I read thru don't seem to apply
I tried to read the german forums, but it's not a language I speak.

any ideas?

John

Re: Cross Site Request Forgery (XSRF)

Posted: Mon Mar 20, 2017 8:32 pm
by MarioH
Hi,

this is a known error in 2.1rc1 and here is how to fix it:

You have to change 2 lines in the plugins php file.

https://github.com/s9y/Serendipity/comm ... 2f8c87b305

Regards
Mario

Re: Cross Site Request Forgery (XSRF)

Posted: Mon Mar 20, 2017 8:46 pm
by Imajica
thanks.. I musta missed that one

John