[BlueOnyx:24824] Re: 5209 Cannot enable Api // BlueOnyx_CSRF_token is unknown
Michael Stauber
mstauber at blueonyx.it
Tue Mar 16 14:25:18 -05 2021
Hi Rodrigo,
> To report that on all of our 5209 fully yummed servers we cannot enble de
> API:
>
> The error received on all of them is the following:
> "Sorry, an internal server error occurred. The attribute BlueOnyx_CSRF_token
> is unknown. Please visit http://BlueOnyx.it/ for technical info."
Sorry, a this time CSRF and API usage are mutually exclusive. So if you
want to use the API, you have to turn off CSRF in "Server Management" /
"Maintenance" / "Server Desktop".
As is the CSRF functionality we use is the one that ships with
CodeIgniter and it doesn't have provisions to exclude certain IPs from
CSRF.
Eventually I will need to extend, augment or replace that function with
one that takes the "API Host(s)" settings into account.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list