If you could add something to Kentico, what would it be and why?

CSRF attack disable on certain page configuration

Disable CSRF option is a must because sometime Payment Gateway post data to website. As a result system throw an error Value s is null /CSRF attack detected. We cannot control payment gateway, So this option is a must.

6 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

2 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    I already open support ticket[0141000370] about this issue. And hotfix 10.0.3 only fix for paypal IPN. Not other payment gateway. Some payment gateway post data to site after payment successful/failed, and they also have IPN. So IPN can bypass using come configuration in aspx template. BUT normal thankyou page using portal engine cannot bypass this option, unless convert it using aspx template. Too troublesome. I Prefer to have check box to enable or disable for certain page in CMS

  • Anonymous commented  ·   ·  Flag as inappropriate

    I already open support ticket[0141000370] about this issue. And hotfix 10.0.3 only fix for paypal IPN. Not other payment gateway. Some payment gateway post data to site after payment successful/failed, and they also have IPN. So IPN can bypass using come configuration in aspx template. BUT normal thankyou page using portal engine cannot bypass this option, unless convert it using aspx template. Too troublesome. I Prefer to have check box to enable or disable for certain page in CMS.

Feedback and Knowledge Base