[BlueOnyx:25753] Re: CSRF mismatch: The action you have requested is not allowed.

kmrichardson at rogers.com kmrichardson at rogers.com
Fri Nov 25 17:24:47 -05 2022 

Thank you Brian

I did read some of the older archives and seen that as one of the issues with the older servers but Michael had corrected the issue a while ago
But I did double check that and yes the time and zone are correct for the hardware

[root at lists ~]# timedatectl
               Local time: Fri 2022-11-25 17:21:32 EST
           Universal time: Fri 2022-11-25 22:21:32 UTC
                 RTC time: n/a
                Time zone: US/Eastern (EST, -0500)
System clock synchronized: yes
              NTP service: inactive
          RTC in local TZ: no

Like I said I can ssh in to the machine with no issues using the setup password, but just can't get to the web interface to complete the setup




-----Original Message-----
From: Blueonyx <blueonyx-bounces at mail.blueonyx.it> On Behalf Of Fungal Style
Sent: November 25, 2022 4:43 PM
To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
Subject: [BlueOnyx:25750] Re: CSRF mismatch: The action you have requested is not allowed.

Hi Keith,

Just a quick 2 cents worth, I setup a couple of (5208 or similar I think as I needed some older PHP version for a site to be moved) in the last few days and started to hit this issue with them, it was more about the time and date set on the BO server, after setting, restarting from the shell they seem to be stable now, maybe it was something in my environment, but something to look out for: 
timezone name
Date
Time

Regards
Brian

On 26/11/2022, 8:27 am, "Blueonyx on behalf of Michael Stauber" <blueonyx-bounces at mail.blueonyx.it on behalf of mstauber at blueonyx.it> wrote:

    Hi Keith,

    > Just did 2 fresh install of 5210R and I've faced with this again
    > 
    > CSRF mismatch: The action you have requested is not allowed.
    > 
    > On two different fresh installs
    > 
    > Just thought I would let you know Michael

    This is how it's supposed to be: Upon a fresh install of BlueOnyx 5210R 
    CSRF is disabled automatically until you finish the web based setup 
    wizard. Then it gets turned on automatically. It protects both GET and 
    POST requests.

    Where did the error happen? During the web based initial setup or past it?

    On the Login page? Or past it?

    Anyway: If you want, you can turn off CSRF protection this way from SSH 
    as root. This goes all into one line:

    echo "Find System"|/usr/sausalito/bin/cceclient|grep ^104|awk '{ print 
    "SET " $3 " csrf_protection = 0"}'|/usr/sausalito/bin/cceclient

    -- 
    With best regards

    Michael Stauber
    _______________________________________________
    Blueonyx mailing list
    Blueonyx at mail.blueonyx.it
    http://mail.blueonyx.it/mailman/listinfo/blueonyx


_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list