19 lines
1.2 KiB
INI
19 lines
1.2 KiB
INI
csrf.title=Cross-Site Request Forgeries
|
|
csrf-get-null-referer.success=Congratulations! Appears you made the request from your local machine.
|
|
csrf-get-other-referer.success=Congratulations! Appears you made the request from a separate host.
|
|
|
|
|
|
csrf-get.hint1=The form has hidden inputs.
|
|
csrf-get.hint2=You will need to use an external page and/or script to trigger it.
|
|
csrf-get.hint3=Try creating a local page or one that is uploaded and points to this form as its action.
|
|
csrf-get.hint4=The trigger can be manual or scripted to happen automatically
|
|
|
|
csrf-same-host=It appears your request is coming from the same host you are submitting to.
|
|
|
|
csrf-you-forgot-something=There's something missing from your request it appears, so I can't process it.
|
|
|
|
csrf-review.success=It appears you have submitted correctly from another site. Go reload and see if your post is there.
|
|
|
|
csrf-review-hint1=Again, you will need to submit from an external domain/host to trigger this action. While CSRF can often be triggered from the same host (e.g. via persisted payload), this doesn't work that way.
|
|
csrf-review-hint2=Remember, you need to mimic the existing workflow/form.
|
|
csrf-review-hint3=This one has a weak anti-CSRF protection, but you do need to overcome (mimic) it |