« previous next »
Topic: "A possible CSRF attempt was detected." error in FF, but fine in IE  (Read 1099 times)

Print
Pages: [1]   Go Down

#1: 19-Nov-2009, 07:58 AM

danielw
Posts: 143
Hey there,

I get the "A possible CSRF attempt was detected. No referer was provided by the server." message when I log into the manager with FF, but when I try it with IE7 it works fine.

First thought was that the culprit must be the cache. So cleared the FF cache and the MODx cache. No change.

I then tested switching off the usual suspect add-ons (e.g. Firebug) but to no avail.

I switched the "Validate HTTP_REFERER headers?" option to NO in the config (using IE). But still no dice in FF.

Any ideas?

#2: 8-Dec-2009, 02:06 PM

Foundation

rthrash
Posts: 11,575

WWW
Did you ever sort this out? Try re-running the installer in upgrade mode after moving a clean set of files in (saving any extra snippets and moving a copy of the config file over)?
MODx is a content management framework that allows web professionals to turn over sites to end-users for daily maintenance without worrying. Please help us help you when asking for assistance and read the wiki. Searching the forums from the top level helps, too.
Ryan Thrash
MODx Co-Founder
Principal @ Collabpad
work productively.
work intelligently.
work together.

#3: 16-Dec-2009, 04:19 AM

danielw
Posts: 143
Seems to be OK for the moment. Uploaded a fresh cache file and did an upgrade install. Will let you know if anything breaks.

EDIT. And something does. When I set the click the "Don't show this warning again" in the Configuration tab, it sets the database value for system_settings to "00".
« Last Edit: 16-Dec-2009, 04:23 AM by danielw »

#4: 22-Dec-2009, 09:13 AM

nihonsei
Posts: 2

WWW
Method 1:

1. Disable your Antivirus software(ex. Nortan Internet Security)
2. Delete all cookies and refresh Internet Explorer
3. Try to login
4. If you successfuly login to Modx, Go to Tools Menu -> Select Configuration.
5. In System Configuration -> select Site.
6. In Site menu please select 'No' radio under "button Validate HTTP_REFERER headers?" and Save.
7. Enable your Antivirus software.

or
Method 2:
Set mannualy database system_settings to 0

or
Method 3:
If you want to use Yes option for "Validate HTTP_REFERER headers?". Please disable your antivirus software (Nortan Internet Security). You can work with Modx in Validate HTTP_REFERER headers mode.

Good luck.

Nihonsei

#5: 5-May-2010, 02:24 PM


Ysanmiguel
Posts: 35

ysanmiguel

WWW
My Friend if Modx Works fine in IE, Crome etc... and only have problems in Firefox... that is the problem Firefox!!

so is just configuration.

1. Type “about:config” in the location bar, and press Enter.
2 In the filter box, type “referer” and press Enter. This should leave you with one preference, network.http.sendRefererHeader. This is probably set to 0.
3 Right click on network.http.sendRefererHeader and select “Modify”
 
- Just change it to 2

and thats all.  Grin

Are just some things about security in firefox...

I HOPE THAT WORKS FOR YOU TOO, MORE INFORMATION HERE:

http://www.belafontecode.com/fix-modx-csrf-error-in-firefox/
« Last Edit: 5-May-2010, 02:27 PM by Ysanmiguel »
--
ysanmiguel
...
Never Fear The Unknown!
Pages: [1]   Go Up
Print
0 Members and 1 Guest are viewing this topic.
 

 
 

Contact | Advertise | Blog | FAQ | Credits

© 2005-2010 MODx, LLC. All rights reserved. Privacy Policy | Terms of Service
Powered by SMF 1.1.11 | SMF © 2006-2008, Simple Machines LLC