Form token modifier for cpg1.5.x Form token modifier for cpg1.5.x
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Form token modifier for cpg1.5.x

Started by Αndré, July 16, 2010, 09:48:11 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Αndré

This plugin modifies the form token criteria array. It adds client side values (ip address and browser agent) to the form token generator. This generates super secure form tokens, but may add issues (the 'A valid token  could not be found' error message) for people who are using a pseudo-security apps which remove the user agent or people where their ISP changes their IP address frequently.

This plugin has no configuration, as it automatically adds the client side values to the array.


You need at least cpg1.5.8, as the needed plugin hook has been introduced in revision 7778.