powered by Jive Software

Administrator Console

Hello Gentlemen,

My environment is windows 10 , apache 2 , php , perl , mysql , etc

I installed open fire 4.64.x64 and it is working normally.

I recently implemented a voice command function in the system and
when accessing the administrator console (authorization screen) by voice command I get
an authentication error : CSRF Failure!

Note[1] - without the voice command function activated (authorization to use the microphone)
authentication is performed correctly and I have access to the open fire data screen.
Note[2] - on the authentication screen, the user and password data are entered by typing, ie
at this point there is no voice command.

Does anyone know what the problem is?

Thank you for your attention,


NOTE - this text was translated by google

CSRF protection guards against attacks that trick end-users into issuing request on behalf of an attacker. Openfire guards against this in a couple of ways, but mostly by generating a cookie with random data when a page is loaded, which must be set when a form on that page is submit. This helps verify that the submitter of the form is the same as the one that requested the initial page. I’m assuming that your customizations break this protection. I’m afraid that I cannot tell you how to fix this.

Thank you for your attention.