Welcome Guest, Not a member yet? Register   Sign In
Server config causing CSRF triggers

I was able to change cookie_httponly to TRUE and the app did not give me login errors, but I was not able to re-add the HttpOnly directive in my httpd.conf and it made no difference in the 403 error I am getting. cookie_secure cannot be set to true because the app needs to be accessible from both https and http connections and the flag effectively disables http connections.

Messages In This Thread
RE: Server config causing CSRF triggers - by objecttothis - 08-22-2017, 08:18 AM
SOLUTION - by objecttothis - 09-07-2017, 04:16 AM

Theme © iAndrew 2016 - Forum software by © MyBB