 |
|
|
Mod Options |
[ITECH] Inferno CSRF Auto Protection Details »
|
|||||||||||||||||||
|
[ITECH] Inferno CSRF Auto Protection
Developer Last Online: May 2010 
This modification is in the archives.
----------------------------------
[ITech] Inferno CSRF Auto Protection Created By Inferno Technologies (http://www.infernotechnologies.net) Copyright 2004-2008 All rights reserved Project Development Team: Zero Tolerance Project Lead: Iain "Decado" Kidd Support Forum: N/A (Supported here) ---------------------------------- Installation Simply upload the product XML (Inferno CSRF Auto Protection.xml). Project Description This is a minor modification aimed at 3.6.10 (untested on vB 3.7 RC4, do so at your own will) which will automatically apply CSRF protection on the fly to forms which don't have security tokens and scripts which don't have security flags set. The purpose of this is to allow a seemless upgrade to 3.6.10 without having modifications break, but also to quickly apply the protection on them too. However, this modification relies on the use of vBulletins print_output() function, some modifications will not use this for several reasons, and in these rare instances this modification will add protection to the scripts while not being able to add security tokens, you can disable auto-protection script by script if you find this occurs for you. Simply edit the plugin '[I.CSRF] Set CSRF Flag' and you'll find in the code an example on how to add a script to the exemption list. For instance, if you wanted to add the script 'MY_COOL_SOFTWARE' to the exemption list, simply add the following code:
Under this code:
This modification should also apply security tokens for normal vBulletin templates in the instance that the vBulletin upgrader failed to automatically edit the template for you. Other Features When using vBulletin in debug mode, the debug information displayed at the bottom will display existing protected forms, and how many forms have been auto-protected by Inferno CSRF. Feedback is welcome, enjoy  - Zero Tolerance Download Now Only licensed members can download files, Click Here for more information. Show Your Support
No members have liked this post.
|
|||||||||||||||||||
About Developer
Visit Web Site
Not Supported 
Uses Plugins|
Similar Mod
|
||||
| Mod | Developer | Type | Replies | Last Post |
| Show Thread Enhancements Stamps (CSRF protection added) | misr.cc | vBulletin 3.7 Add-ons | 98 | 14 Oct 2012 14:54 |
| Add-On Releases vBTube 1.2.9 (CSRF protection added) | Playa82 | vBulletin 3.7 Add-ons | 434 | 22 Jan 2012 23:08 |
| Integration with vBulletin [ITECH] Inferno External Lite | Inferno Tech | vBulletin 3.6 Add-ons | 81 | 27 Nov 2010 15:59 |
| Major Additions [ITech] RPG Inferno 2.4 Lite | Inferno Tech | Modification Graveyard | 149 | 13 Jul 2007 10:05 |
| Comments |
|
#2
23 Apr 2008, 23:47
|
|||
|
|||
|
Hm...The majority of modifications using print_output() are probably utilizing separate files, so backwards compatibility shouldn't even be a problem since Jelsoft has already defined the constant needed to activate the new token protocol.
No members have liked this post.
|
|
#3
23 Apr 2008, 23:49
|
||||
|
||||
|
Here's hoping so, the idea is really to add protection to those now (Some people are security freaks
 ).- Zero Tolerance No members have liked this post.
|
|
#4
25 Apr 2008, 09:40
|
||||
|
||||
|
Thank you, Nice share
No members have liked this post.
|
|
#5
26 Apr 2008, 08:03
|
|||
|
|||
|
Any ideas what can one do to close this plug in vB 3.0.xx??
I have a heavily hacked site, with so many mods that I do not even consider upgrading it to the latest version. Any idea would be really appreciated.
__________________
John SV1CEC No members have liked this post.
|
|
#6
26 Apr 2008, 09:14
|
||||
|
||||
Wow...nice work Zero! This fixed the Personal Notepad & Event Attendance mods.
Sure hope someone comes up with a fix for the Casino. Thank you, Nick
__________________
 No members have liked this post.
|
|
#7
26 Apr 2008, 16:04
|
|||
|
|||
|
While it fixed the board issues on RC4... it broke the notices feature in the admin cp (now I get a security token problem on the backend after installing).
Sorry, I have to uninstall. 
No members have liked this post.
|
|
#8
26 Apr 2008, 21:46
|
||||
|
||||
|
I would like to be sure.
With this mod, no need to update to 3.6.10 ? No members have liked this post.
|
|
#9
27 Apr 2008, 01:09
|
||||
|
||||
|
IvyKeepMommy
It will cause some things to break, you can add those scripts in the exclusion Wobbly Goblin Glas to hear it! lange No, this is for 3.6.10 to automatically make all mods use CSRF protection - Zero Tolerance No members have liked this post.
|
|
#10
28 Apr 2008, 19:22
|
||||
|
||||
|
Originally Posted by Inferno Tech
when i try to search for a user on main admincp I get a error if I disable this hack error disappear any way to fix this ?
No members have liked this post.
|
|
#11
02 May 2008, 08:00
|
||||
|
||||
|
Thank you
My No members have liked this post.
|
|
#12
01 Jun 2008, 14:01
|
|||
|
|||
|
thanks
__________________
No members have liked this post.
|
|
#13
01 Jul 2008, 20:24
|
|||
|
|||
|
Thanks a million my friend ... you were like a god sent angel
No members have liked this post.
|
|
#14
31 Jul 2008, 17:17
|
|||
|
|||
|
thanks youy nice aporte.
No members have liked this post.
|
|
#15
17 May 2009, 12:11
|
||||
|
||||
|
thank you
__________________
No members have liked this post.
|
|
«
Previous Mod
|
Next Mod
»
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Mod Options | |
|
|
| New To Site? | Need Help? |
All times are GMT. The time now is 01:17.