WordPress.org

Ready to get started?Download WordPress

Forums

Client setting of cookies (dbx-postmeta) = You don't have permission to do that. (1 post)

  1. hostmaster
    Member
    Posted 6 years ago #

    Hello

    We really like your software und would like to
    make a proposal, which allow us to use your solution
    behind Secure Application proxies.

    Your current solution (2.3.1) for creating of a
    new category (for instance) sets on the client side
    an additional cookie (AJAX Code) :
    dbx-postmeta=grabit:0+|1-|2-|3-|4-|5-&advancedstuff:0-|1-|2-

    This is definitely a security problem for all web servers,
    which run behind a secure application proxy, which
    allows (=forwards) just server side cookies. All client
    cookies (not sent by server), will be simply ignored
    (security thread) and will not be forwarded
    to the WordPress behind the proxy.

    Would it be possible to use parameters instead of cookies
    to transmit information to the server?

    In very secure environment your solution simple
    does not work - what is definitely pity.

Topic Closed

This topic has been closed to new replies.

About this Topic