CSRF attack

13 years 2 days ago #158797 by peterrey
CSRF attack was created by peterrey
prejudice to the forum I did a search on forum but I only found this:
www.joomlapolis.com/forum/154-advanced-members-support/152123-csrf-attack-angriff-erkannt- # 152214
Some users of my site made ​​with joomla 1.5.22 with the addition of Italian uddeIM when trying to send a PM receiving a box placed under the name of the recipient "intercept CSRF attack"
you know what that is?
how can I fix this?
Sorry for the English B)
thanks

Please Log in to join the conversation.

13 years 2 days ago #158798 by slabbi
Replied by slabbi on topic Re: CSRF attack
It is explained in the FAQ.

Switch it off in the backend.

uddeIM & uddePF Development
CB Language Workgroup
CB 3rd Party Developer

Please Log in to join the conversation.

13 years 2 days ago #158801 by peterrey
Replied by peterrey on topic Re: CSRF attack
thanks to the speed of response other than "supermen" :)
I will read the FAQ and the ability to turn off the control csrf but first I'd like to understand the problem, it depends on the site or the browser user, and what might be the solution

Please Log in to join the conversation.

13 years 2 days ago #158802 by slabbi
Replied by slabbi on topic Re: CSRF attack
The feature was added for J1.0 sites. J1.5/1.6 do not really need this protection. If enabled it works usually fine but when a user uses back/forward buttons it fails of course and it may interfere with other components/modules.

uddeIM & uddePF Development
CB Language Workgroup
CB 3rd Party Developer

Please Log in to join the conversation.

13 years 2 days ago #158803 by peterrey
Replied by peterrey on topic Re: CSRF attack
then advise me to disable it?
ok thanks

Please Log in to join the conversation.

Moderators: beatnantslabbikrileon
Time to create page: 0.203 seconds