 |
|
You are here: Foswiki>Support Web>SupportQuestions>Question712 (26 Nov 2010, PhilippWeber)Edit Attach
This question about Configuration: Answered but needs rewriting
How to disable Cross Site Request Forgery ( CSRF ) warning?
I am integrating foswiki as an intranet solution for a firm with about 1000 emplyees. The webserver and everything is heavyly shielded and the authentication unique to the person. I get questions all the time from people how feel threatened by the CSRF warning. And I don't see any need for this warning in enviroment but was not able to find a clean solution to disable it. I guess i overlooked it. Anyway. Maybe a it's good to have this question answered for your support database. And of course you would help us very much with it
Kind regards,
-- EnrikGuenter - 24 Nov 2010
If you are referring to the page that is headed "Warning! Confirmation required" (or local language equivalent) then you can change the behaviour in configure: Security and Authentication ... Sessions ... {Validation}{Method} defaults to strikeone but can be set to none to disable CSRF warnings. -- MartinRowe - 24 Nov 2010
I have had the same problem of "Warning! Confirmation required" sites popping up everytime a change was submitted to the wiki (edit, user registration, etc.) after upgrading from 1.0.9 to 1.1.2. Even worse some Firefox browsers didn't even showed an OK button. Setting the {Validation}{Method} to embedded did the trick for me even if the OK button is still missing sometimes. -- PhilippWeber - 26 Nov 2010
QuestionForm edit
| Subject | Configuration |
| Extension | |
| Version | Foswiki 1.1.2 |
| Status | Answered but needs rewriting |
Edit | Attach | Print version | History: r3 < r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r3 - 26 Nov 2010, PhilippWeber
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. 
Legal Imprint Privacy Policy
Legal Imprint Privacy Policy