05-08-2017, 10:38 AM
hello, I want to access Opendocman on my computer system from another computer system on a network using the IP address of my computer system but it showed me this massage 403 Access Forbidden by CSRFProtector! how can I fix this?
this is how my csrf_config.php page looks like.
<?php
/**
* Configuration file for CSRF Protector
* Necessary configurations are (library would throw exception otherwise)
* ---- logDirectory
* ---- failedAuthAction
* ---- jsPath
* ---- jsUrl
* ---- tokenLength
*/
return array(
"CSRFP_TOKEN" => "50",
"logDirectory" => "../log",
"failedAuthAction" => array(
"GET" => 0,
"POST" => 0),
"errorRedirectionPage" => "",
"customErrorMessage" => "",
"jsPath" => "vendor/owasp/csrf-protector-php/js/csrfprotector.js",
"jsUrl" => "http://localhost/vendor/owasp/csrf-protector-php/js/csrfprotector.js",
"tokenLength" => 50,
"disabledJavascriptMessage" => "This site attempts to protect users against <a href=\"https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29\">
Cross-Site Request Forgeries </a> attacks. In order to do so, you must have JavaScript enabled in your web browser otherwise this site will fail to work correctly for you.
See details of your web browser for how to enable JavaScript.",
"verifyGetFor" => array()
);
this is how my csrf_config.php page looks like.
<?php
/**
* Configuration file for CSRF Protector
* Necessary configurations are (library would throw exception otherwise)
* ---- logDirectory
* ---- failedAuthAction
* ---- jsPath
* ---- jsUrl
* ---- tokenLength
*/
return array(
"CSRFP_TOKEN" => "50",
"logDirectory" => "../log",
"failedAuthAction" => array(
"GET" => 0,
"POST" => 0),
"errorRedirectionPage" => "",
"customErrorMessage" => "",
"jsPath" => "vendor/owasp/csrf-protector-php/js/csrfprotector.js",
"jsUrl" => "http://localhost/vendor/owasp/csrf-protector-php/js/csrfprotector.js",
"tokenLength" => 50,
"disabledJavascriptMessage" => "This site attempts to protect users against <a href=\"https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29\">
Cross-Site Request Forgeries </a> attacks. In order to do so, you must have JavaScript enabled in your web browser otherwise this site will fail to work correctly for you.
See details of your web browser for how to enable JavaScript.",
"verifyGetFor" => array()
);