Menu

403 Forbidden

Dom
2014-12-12
2015-02-03
  • Dom

    Dom - 2014-12-12

    Hi,

    After I installed mod_csrf and also mod_parp, I'm getting 403 Forbidden on my web pages. I'm still new to Apache stuff, if anyone has an idea on why is this happening it would be a great help. Thank you.

     
  • Pascal Buchbinder

    You need to install the not only the module but also the JavaScript file and make the script accessible by the client (as defined by the CSRF_ScriptPath directive). The JavaScript code should then inject the necessary ID allowing requests to access your server. Depending on your application's content, you may want to adapt the JavaScript to add the ID to additional links / content.

    Requests with parameters (but not ID) are denied (403).

     
  • Dom

    Dom - 2014-12-22

    I see. Thank you for you reply. Can I ask where I can find the Javascript code? is it included on the module when installed? or do I need to create my own Javascript code?

     
  • Pascal Buchbinder

    you may use the csrf.js script which is included in the mod_csrf tarball

     
  • Dom

    Dom - 2015-02-03

    It worked ! The csrf tokens are now being injected.

    However, I'm finding it weird that some of my pages still receives the 403 error. It maybe that the csrf tokens are not able to inject on that pages. Any thoughts?

     

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.