1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Avoid "Security error occured, please try again later." POST from another domain without token

Discussion in 'XenForo Development Discussions' started by account8226, Jun 10, 2013.

  1. account8226

    account8226 Guest

    Hello XenForo,

    I am making a donation add-on.

    The problem is the following, when the user submit his payement, a POST request is mode to a page of my add-on (automaticly made by the server where the payement is made).

    So it's doing :

    External site -------P-O-S-T REQUEST--------> My XenForo site.

    The problem, since there isn't the visitor token in the POST request the external donation site have done, I got the error : "Security error occured, please try again later.".
     
  2. account8226

    account8226 Guest

    Maybe there is a way to disable token check ? Or allowing post request without token from a specific url ? Or setting the token with a custom data there would be in the request ?
     
  3. Chris D

    Chris D XenForo Developer Staff Member

    Jake Bunce and account8226 like this.
  4. account8226

    account8226 Guest

  5. Chris D

    Chris D XenForo Developer Staff Member

    It's probably not ideal...
     
  6. account8226

    account8226 Guest

    And only for one method ?
     
  7. account8226

    account8226 Guest

    I've found a deal without removing the check (by extended the _checkCsrfFromToken method by setting up the token in there).

    Thanks you for your patience as always Chris (y)(y)!
     
    Chris D likes this.

Share This Page