[BlueOnyx:24925] 5210r AlmaLinux and API CSRF issue
Fungal Style
wayin at hotmail.com
Thu Apr 22 05:58:10 -05 2021
Here is a weird one. I have checked the time and it is pointing to the ESXI as a time server (which is sync'd over the internet, but it means all machines are based on the ESXI to avoid drift), the time also matches my Windows desktop machine and my mobile phone time also (so it is pretty close to correct well as much as you can expect).
https://ior.ad/7xKa?iframeHash=trysteps-1
[https://www.iorad.com/api/tutorial/sharingScreenshot?tutorial_id=1798010&sharing_type=default&cache=1619088240000]<https://ior.ad/7xKa?iframeHash=trysteps-1>
Console - How to untitled task name<https://ior.ad/7xKa?iframeHash=trysteps-1>
Check out this tutorial on iorad.com
ior.ad
I try to open the BlueOnyx gui from WHMCS and it brings the login page as expected, but when entering the username and password it then provides a CSRF message, but when I click on the address bar, press enter to reload the page, I can log in manually. I turn off CSRF and there are no issues with the initial attempt (which would be as expected) unlike in the screen grab where it fails with CSRF enabled and I have to reload the page manually and log in is then successful.
Any specific logs I can provide to help with this?
Regards
Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20210422/719ecad0/attachment.html>
More information about the Blueonyx
mailing list