ZenphotoCMS Forum
"albumedit" Cross Site Request Forgery blocked, What is this? - Printable Version

+- ZenphotoCMS Forum (https://forum.zenphoto.org)
+-- Forum: Support (https://forum.zenphoto.org/forum-1.html)
+--- Forum: General support (https://forum.zenphoto.org/forum-4.html)
+--- Thread: "albumedit" Cross Site Request Forgery blocked, What is this? (/thread-11582.html)



"albumedit" Cross Site Request Forgery blocked, What is this? - Archbob - 2014-01-16

When I try to edit an album, I always get:

"albumedit" Cross Site Request Forgery blocked"

It just started happening today, it worked fine yesterday and I don't think anything changed on the server. I cannot edit my images, its really frustrating.




"albumedit" Cross Site Request Forgery blocked, What is this? - Archbob - 2014-01-16

I'm traveling right now so I am logging in each night at a different location(same laptop), does this matter?




"albumedit" Cross Site Request Forgery blocked, What is this? - acrylian - 2014-01-16

It is a security measure to prevent access from outside to the backend. The url has a specific generated number appended that acts as a kind of authentification (in simple words).

Without basci info about your install we cannot really help. Please see the "general contributors guidelines" on our user guide.




"albumedit" Cross Site Request Forgery blocked, What is this? - Archbob - 2014-01-16

My installation version is 1.4.4.8. Can I disable this feature in the admin temporarily?




"albumedit" Cross Site Request Forgery blocked, What is this? - acrylian - 2014-01-16

No, you can't. Also you should upgrade.




"albumedit" Cross Site Request Forgery blocked, What is this? - Archbob - 2014-01-17

Could my internet connection at the hotel be the issue? It wasn't happening until 2 days ago.




"albumedit" Cross Site Request Forgery blocked, What is this? - acrylian - 2014-01-17

Yes, that very well can be.




"albumedit" Cross Site Request Forgery blocked, What is this? - sbillard - 2014-01-18

The requestor IP address must be consistent or a cross site forgery will be suspected. So if your ip address changes from request to post (Or what is presented as the ip address changes) the POST request will be considered a hacker attack.