I need to know how to disable the CSRF function in Impresspages cms

Question

I need to know how to disable the CSRF function in Impresspages cms. i saw a possible answer provided on a previous thread, but wasnt fully sorted. When my customer logs into my impress pages site at: cleanwaterpartnership.co.uk, he gets an "ERROR undefined" message. In the log files on the cms system it states:

Core.possibleCsrfAttack.

The notes say:

array(1) { 
["post"]=> 
array(6) { 
    ["securityToken"]=> string(32) "b2766e9f8578bf04d456952a35882bb4" 
    ["antispam"]=> array(2) { [0]=> string(0) "" [1]=> string(32) "ea3810b9e1da7fdaffe4003836be0541" } 
    ["sa"]=> string(15) "Admin.loginAjax" 
    ["global_error"]=> string(0) "" 
    ["login"]=> string(16) "Alastair Stewart" 
    ["password"]=> string(16) "XXXXXXXXX" } 
}

just append the CSRF token with the request their making – johnny 5 Nov 18 '15 at 16:27 — johnny 5, Nov 18 '15 at 16:27

score 1 · Answer 1 · answered Nov 18 '15 at 19:11

1

Use PublicController type. https://www.impresspages.org/docs/controller This type of controller doesn't do any checks.

answered Nov 18 '15 at 19:11

Mangirdas Skripka

1,647
1
15
14

I need to know how to disable the CSRF function in Impresspages cms

1 Answers1