• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
LogicException #403 - CSRF problem

#1
Hey, sometimes i get a LogicException #403

LogicException #403 The action you requested is not allowed

error when i try to login. cant reproduce it reliable, it happend every week once i guess and is fixed after a reload ( the last few times it was right after a browser start with the login page as stored tab )

Login html :
PHP Code:
<?= form_openbase_admin_url() ) ?>
    <div class="input-field">
        <input type="text" name="username" size="45" <?php if( isset( $username ) ) echo 'value="'$username'"'?> required />
        <label>Username</label>
    </div>
    <div class="input-field">
        <input type="password" name="password" size="72" <?php if( isset( $password ) ) echo 'value="'$password'"'?> required />
        <label>Password</label>
    </div>
    <input class="btn" type="submit" value="Login" />
    </form> 

i do no redirect in the login check so i cant imangine how it can result in something like this
Reply

#2
PHP Code:
// Your username and password should be periods not commas!

<?php if( isset( $username ) ) echo 'value="'.$username.'"'?>

<?php if( isset( $password ) ) echo 'value="'.$password.'"'?>
What did you Try? What did you Get? What did you Expect?

Joined the CodeIgniter Community in 2009.          ( Skype: insitfx )
Reply

#3
yes, i know but it will not change the behaviour

i also noticed it in chrome and firefox ( didnt use/test edge often enoguh )
Reply

#4
happend again - here is screenshot of the request


[Image: CSRF.jpg]
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.