Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Getting Rid Of The Csfr Attack Crap

Started by Releasethe Krakken , Dec 14 2013 08:27 PM

This topic is locked

5 replies to this topic

#1 Releasethe Krakken

Advanced Member

Members
620 posts

LocationSouth of the clouds and north of the wind

Posted 14 December 2013 - 08:27 PM

It used to be that one would be thrown to a empty page or error page when your connection disconnected because you took too long to post an article or comment.

That was not as bad as one could hit the back button and find your article again. Copy it and then paste it to your article.

Plato then fixed this and introduced a system were your drafts are supposedly saved. However in many cases it aint and hitting the draft gets you a csfr attack screen or variable of that.. Hitting the back button dont help also. I know your programmers do nothing but play haxball and troll in the off -topic forum but can you fix this please.

Back to top

#2 CheetahCurtis

Advanced Member

Members
281 posts

Posted 14 December 2013 - 08:33 PM

Do you know what a CSRF attack is?

Add Caribbean Countries to eRepublik: http://tinyurl.com/kfrslg9

I also eat babies and push elderly people off cliffs.

Back to top

#3 Releasethe Krakken

Advanced Member

Members
620 posts

LocationSouth of the clouds and north of the wind

Posted 14 December 2013 - 09:29 PM

yes its a post by an unauthorized user. you login = authorized user

you take too much time on a comment and your browser resets your connection to the site with no login details = unauthorized user

you post meaning Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf^[1]) or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts the old page is up and transmits legit command but the site picks you up as logged out therefore its deemed a CSRF attack.

Back to top

#4 Releasethe Krakken

Advanced Member

Members
620 posts

LocationSouth of the clouds and north of the wind

Posted 16 December 2013 - 12:00 AM

can a mod please respond to this?

Back to top

#5 Shiina Sayane

Advanced Member

Members
326 posts

Posted 16 December 2013 - 04:55 AM

no,its needed for security.

CheetahCurtis likes this

Back to top

#6 elbandido

Advanced Member

Members
443 posts

Posted 16 December 2013 - 06:09 AM

It used to be that one would be thrown to a empty page or error page when your connection disconnected because you took too long to post an article or comment.

That was not as bad as one could hit the back button and find your article again. Copy it and then paste it to your article.

Plato then fixed this and introduced a system were your drafts are supposedly saved. However in many cases it aint and hitting the draft gets you a csfr attack screen or variable of that.. Hitting the back button dont help also. I know your programmers do nothing but play haxball and troll in the off -topic forum but can you fix this please.

Hello, maybe THIS can help you, but I suggest you to make your article outside the game then publish it (notepad for example).

Regards.

...always watching...