Thread: [Cppcms-users] Blank value within csrf field
Brought to you by:
artyom-beilis
Menu
▾
▴
cppcms-users
|
From: tuq3 <tu...@ya...> - 2015-03-17 11:53:53
|
Hi everyone! First of I put <%= csrf =%> into <from></form> and while loading page with this form i get error: cppcms, error: Caught exception [Session storage backend is not loaded]. I managed it by adding "session" preferences into config.js, but now I get a blank value within csrf hidden field after loading a page. |
|
From: Artyom B. <art...@ya...> - 2015-03-18 08:13:39
|
http://cppcms.com/wikipp/en/page/cppcms_1x_config#security.csrf You need to enable it. Unfortunately it isn't on by default for backward compatibility. Artyom Beilis -------------- CppCMS - C++ Web Framework: http://cppcms.com/ CppDB - C++ SQL Connectivity: http://cppcms.com/sql/cppdb/ From: tuq3 <tu...@ya...> To: cpp...@li... Sent: Tuesday, March 17, 2015 1:53 PM Subject: [Cppcms-users] Blank value within csrf field Hi everyone! First of I put <%= csrf =%> into <from></form> and while loading page with this form i get error: cppcms, error: Caught exception [Session storage backend is not loaded]. I managed it by adding "session" preferences into config.js, but now I get a blank value within csrf hidden field after loading a page. ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Cppcms-users mailing list Cpp...@li... https://lists.sourceforge.net/lists/listinfo/cppcms-users |
|
From: tuq3 <tu...@ya...> - 2015-03-18 10:17:24
|
18.03.2015 14:10, Artyom Beilis пишет: > http://cppcms.com/wikipp/en/page/cppcms_1x_config#security.csrf > > You need to enable it. > > Unfortunately it isn't on by default for backward compatibility. > Artyom Beilis > -------------- > CppCMS - C++ Web Framework: http://cppcms.com/ > CppDB - C++ SQL Connectivity: http://cppcms.com/sql/cppdb/ > > ------------------------------------------------------------------------ > *From:* tuq3 <tu...@ya...> > *To:* cpp...@li... > *Sent:* Tuesday, March 17, 2015 1:53 PM > *Subject:* [Cppcms-users] Blank value within csrf field > > Hi everyone! > First of I put <%= csrf =%> into <from></form> and while loading page > with this form i get error: > cppcms, error: Caught exception [Session storage backend is not > loaded]. > I managed it by adding "session" preferences into config.js, but > now I > get a blank value within csrf hidden field after loading a page. > > > ------------------------------------------------------------------------------ > Dive into the World of Parallel Programming The Go Parallel > Website, sponsored > by Intel and developed in partnership with Slashdot Media, is your > hub for all > things parallel software development, from weekly thought > leadership blogs to > news, videos, case studies, tutorials and more. Take a look and > join the > conversation now. http://goparallel.sourceforge.net/ > _______________________________________________ > Cppcms-users mailing list > Cpp...@li... > <mailto:Cpp...@li...> > https://lists.sourceforge.net/lists/listinfo/cppcms-users > > > > > ------------------------------------------------------------------------------ > Dive into the World of Parallel Programming The Go Parallel Website, sponsored > by Intel and developed in partnership with Slashdot Media, is your hub for all > things parallel software development, from weekly thought leadership blogs to > news, videos, case studies, tutorials and more. Take a look and join the > conversation now. http://goparallel.sourceforge.net/ > > > _______________________________________________ > Cppcms-users mailing list > Cpp...@li... > https://lists.sourceforge.net/lists/listinfo/cppcms-users Hmm, I set this option. But the field is still empty. |
|
From: Artyom B. <art...@ya...> - 2015-03-18 10:24:17
|
Have you created session? (i.e. is your session isn't empty - you defined some value at cppcms session level) Because CSRF does not have sense if nobody "logged in". Artyom Beilis -------------- CppCMS - C++ Web Framework: http://cppcms.com/ CppDB - C++ SQL Connectivity: http://cppcms.com/sql/cppdb/ From: tuq3 <tu...@ya...> To: Artyom Beilis <art...@ya...>; cpp...@li... Sent: Wednesday, March 18, 2015 12:17 PM Subject: Re: [Cppcms-users] Blank value within csrf field 18.03.2015 14:10, Artyom Beilis пишет: http://cppcms.com/wikipp/en/page/cppcms_1x_config#security.csrf You need to enable it. Unfortunately it isn't on by default for backward compatibility. Artyom Beilis -------------- CppCMS - C++ Web Framework: http://cppcms.com/ CppDB - C++ SQL Connectivity: http://cppcms.com/sql/cppdb/ From: tuq3 <tu...@ya...> To: cpp...@li... Sent: Tuesday, March 17, 2015 1:53 PM Subject: [Cppcms-users] Blank value within csrf field Hi everyone! First of I put <%= csrf =%> into <from></form> and while loading page with this form i get error: cppcms, error: Caught exception [Session storage backend is not loaded]. I managed it by adding "session" preferences into config.js, but now I get a blank value within csrf hidden field after loading a page. ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Cppcms-users mailing list Cpp...@li... https://lists.sourceforge.net/lists/listinfo/cppcms-users ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Cppcms-users mailing list Cpp...@li... https://lists.sourceforge.net/lists/listinfo/cppcms-users Hmm, I set this option. But the field is still empty. ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Cppcms-users mailing list Cpp...@li... https://lists.sourceforge.net/lists/listinfo/cppcms-users |
|
From: tuq3 <tu...@ya...> - 2015-03-18 10:37:12
|
18.03.2015 16:21, Artyom Beilis пишет: > Have you created session? > > (i.e. is your session isn't empty - you defined some value at cppcms > session level) > > Because CSRF does not have sense if nobody "logged in". > > > Artyom Beilis > -------------- > CppCMS - C++ Web Framework: http://cppcms.com/ > CppDB - C++ SQL Connectivity: http://cppcms.com/sql/cppdb/ > > ------------------------------------------------------------------------ > *From:* tuq3 <tu...@ya...> > *To:* Artyom Beilis <art...@ya...>; > cpp...@li... > *Sent:* Wednesday, March 18, 2015 12:17 PM > *Subject:* Re: [Cppcms-users] Blank value within csrf field > > 18.03.2015 14:10, Artyom Beilis пишет: >> >> >> http://cppcms.com/wikipp/en/page/cppcms_1x_config#security.csrf >> >> You need to enable it. >> >> Unfortunately it isn't on by default for backward compatibility. >> Artyom Beilis >> -------------- >> CppCMS - C++ Web Framework: http://cppcms.com/ >> CppDB - C++ SQL Connectivity: http://cppcms.com/sql/cppdb/ >> >> ------------------------------------------------------------------------ >> *From:* tuq3 <tu...@ya...> <mailto:tu...@ya...> >> *To:* cpp...@li... >> <mailto:cpp...@li...> >> *Sent:* Tuesday, March 17, 2015 1:53 PM >> *Subject:* [Cppcms-users] Blank value within csrf field >> >> Hi everyone! >> First of I put <%= csrf =%> into <from></form> and while >> loading page >> with this form i get error: >> cppcms, error: Caught exception [Session storage backend is >> not loaded]. >> I managed it by adding "session" preferences into config.js, >> but now I >> get a blank value within csrf hidden field after loading a page. >> >> >> ------------------------------------------------------------------------------ >> Dive into the World of Parallel Programming The Go Parallel >> Website, sponsored >> by Intel and developed in partnership with Slashdot Media, is >> your hub for all >> things parallel software development, from weekly thought >> leadership blogs to >> news, videos, case studies, tutorials and more. Take a look >> and join the >> conversation now. http://goparallel.sourceforge.net/ >> _______________________________________________ >> Cppcms-users mailing list >> Cpp...@li... >> <mailto:Cpp...@li...> >> https://lists.sourceforge.net/lists/listinfo/cppcms-users >> >> >> >> >> ------------------------------------------------------------------------------ >> Dive into the World of Parallel Programming The Go Parallel Website, sponsored >> by Intel and developed in partnership with Slashdot Media, is your hub for all >> things parallel software development, from weekly thought leadership blogs to >> news, videos, case studies, tutorials and more. Take a look and join the >> conversation now.http://goparallel.sourceforge.net/ >> >> >> _______________________________________________ >> Cppcms-users mailing list >> Cpp...@li... <mailto:Cpp...@li...> >> https://lists.sourceforge.net/lists/listinfo/cppcms-users > Hmm, I set this option. But the field is still empty. > > > ------------------------------------------------------------------------------ > Dive into the World of Parallel Programming The Go Parallel > Website, sponsored > by Intel and developed in partnership with Slashdot Media, is your > hub for all > things parallel software development, from weekly thought > leadership blogs to > news, videos, case studies, tutorials and more. Take a look and > join the > conversation now. http://goparallel.sourceforge.net/ > > _______________________________________________ > Cppcms-users mailing list > Cpp...@li... > <mailto:Cpp...@li...> > https://lists.sourceforge.net/lists/listinfo/cppcms-users > > > > > ------------------------------------------------------------------------------ > Dive into the World of Parallel Programming The Go Parallel Website, sponsored > by Intel and developed in partnership with Slashdot Media, is your hub for all > things parallel software development, from weekly thought leadership blogs to > news, videos, case studies, tutorials and more. Take a look and join the > conversation now. http://goparallel.sourceforge.net/ > > > _______________________________________________ > Cppcms-users mailing list > Cpp...@li... > https://lists.sourceforge.net/lists/listinfo/cppcms-users I got it. Thank you! |
Thanks for helping keep SourceForge clean.
X