Security

Reply
Regular Contributor I

CP Guest Reset Password CSRF error

Hi,

 

I am using CP Guest, everthing is working fine but I stil have a problem with the Reset Password form. If I try to reset my password thru the Self Service Reset Password, I have this error message on the browser : This webpage has a redirect loop and the URL is : mycpserver/guest/auth_login.php.

 

Here is what I get in CP Guest log : 

 

Client:    46.xxx.xx.254:58617
Script:    /guest/guest_service_reset.php
Function:  NwaValidateCsrfToken
Details:   array (
  'username' => NULL,
  'SERVER_ADDR' => '10.1.0.3',
  'SERVER_PORT' => '80',
  'SERVER_NAME' => 'mycpserver',
  'SERVER_PROTOCOL' => 'HTTP/1.0',
  'REQUEST_METHOD' => 'POST',
  'SCRIPT_URI' => 'http://mycpserver/guest/guest_service_reset.php',
  'HTTP_HOST' => 'mycpserver',
  'HTTP_REFERER' => NULL,
  'HTTP_USER_AGENT' => 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36',
  'REMOTE_ADDR' => '46.xxx.xx.254',
  'REMOTE_PORT' => '58617',
)

 

Any idea about this issue ?

 

Thanks

 

Dimitri

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: