= $_SESSION["POLICY_CSRF_STRICTNESS"]) { return true; } else { http_response_code(400); echo "
Please disable any plugins/add-ons inside your browser or contact your system administrator. If you are the system administrator you can run v-change-sys-config-value 'POLICY_CSRF_STRICTNESS' '0' as root to disable this check.
" . "
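If you followed a bookmark or an static link please click here"; die(); } }

/**
 * Origin-header CSRF check for POST requests.
 *
 * The host of the Origin header is classified into a trust level:
 *   2 - it equals the machine hostname reported by gethostname(),
 *   1 - it equals the host part of the request's Host header,
 *   0 - neither.
 * The level is handed to checkStrictness() (defined above), which compares it
 * with $_SESSION["POLICY_CSRF_STRICTNESS"] and either returns true or answers
 * HTTP 400 and stops the script.
 *
 * What this check does NOT cover, so it must not be the only CSRF control:
 *   - A POST without an Origin header is not classified at all (see the note
 *     in the body); prevent_get_csrf() treats a missing Referer as level 0.
 *   - Only the host of the Origin is compared. Its scheme and port are ignored;
 *     the port that is tested comes from the Host header.
 *
 * @return true|null true when the request is accepted, null when the request
 *                   is not a POST or carries no Origin header.
 */
function prevent_post_csrf() {
    if (($_SERVER["REQUEST_METHOD"] ?? "") !== "POST") {
        return;
    }

    // Split "host:port". The appended ":" guarantees a second element so the
    // destructuring never fails when the header has no port.
    // NOTE(review): a bracketed IPv6 literal in Host would be split inside the
    // address - confirm whether the panel can be reached that way.
    if (!empty($_SERVER["HTTP_HOST"])) {
        [$hostname, $port] = explode(":", $_SERVER["HTTP_HOST"] . ":");
        if (empty($port)) {
            $port = 443;
        }
    } else {
        $hostname = gethostname();
        $port = 443;
    }

    if (!isset($_SERVER["HTTP_ORIGIN"])) {
        // NOTE(review): no Origin header means no decision is taken here and
        // the request continues. Confirm that a per-request token (or an
        // equivalent control) protects every state-changing POST, or classify
        // this case as level 0 the way prevent_get_csrf() does for Referer.
        return;
    }

    // parse_url() returns null/false when no host can be extracted (for
    // example the opaque origin "null"). Cast to string so strcmp() never
    // receives null, and refuse to match on an empty host below.
    $origin_host = (string) parse_url($_SERVER["HTTP_ORIGIN"], PHP_URL_HOST);

    // Compare ports as strings with strict matching so numeric-looking
    // variants such as "0443" are not treated as equal to "443".
    $port_ok = in_array(
        (string) $port,
        ["443", (string) ($_SERVER["SERVER_PORT"] ?? "")],
        true,
    );
    $comparable = $port_ok && $origin_host !== "";

    if ($comparable && strcmp($origin_host, (string) gethostname()) === 0) {
        return checkStrictness(2);
    }
    if ($comparable && strcmp($origin_host, (string) $hostname) === 0) {
        return checkStrictness(1);
    }

    return checkStrictness(0);
}

/**
 * Referer-header CSRF check for GET requests.
 *
 * Same classification as prevent_post_csrf(), but based on the host of the
 * Referer header, and a missing Referer is treated as level 0. A fixed list
 * of entry pages is always accepted without looking at the Referer.
 *
 * Only the Referer host is compared; its scheme and port are ignored, and the
 * port that is tested comes from the Host header.
 *
 * @return true|null true when the request is accepted, null when the request
 *                   is not a GET.
 */
function prevent_get_csrf() {
    if (($_SERVER["REQUEST_METHOD"] ?? "") !== "GET") {
        return;
    }

    if (!empty($_SERVER["HTTP_HOST"])) {
        [$hostname, $port] = explode(":", $_SERVER["HTTP_HOST"] . ":");
        if (empty($port)) {
            $port = 443;
        }
    } else {
        $hostname = gethostname();
        $port = 443;
    }

    // Entry routes a user may legitimately reach from a bookmark or an
    // external link; they must never be blocked. Anything added to this list
    // skips the Referer check completely, so keep it to pages whose GET
    // handler changes no state.
    // DOCUMENT_URI may be absent depending on the web server configuration,
    // hence the fallback to an empty string.
    $entry_routes = [
        "/list/user/index.php",
        "/login/index.php",
        "/list/web/index.php",
        "/list/dns/index.php",
        "/list/mail/index.php",
        "/list/db/index.php",
        "/list/cron/index.php",
        "/list/backup/index.php",
        "/reset/index.php",
    ];
    if (in_array($_SERVER["DOCUMENT_URI"] ?? "", $entry_routes, true)) {
        return true;
    }

    if (!isset($_SERVER["HTTP_REFERER"])) {
        return checkStrictness(0);
    }

    // parse_url() returns null/false for a Referer without a usable host;
    // cast to string and never match on an empty host.
    $referrer_host = (string) parse_url($_SERVER["HTTP_REFERER"], PHP_URL_HOST);

    $port_ok = in_array(
        (string) $port,
        ["443", (string) ($_SERVER["SERVER_PORT"] ?? "")],
        true,
    );
    $comparable = $port_ok && $referrer_host !== "";

    if ($comparable && strcmp($referrer_host, (string) gethostname()) === 0) {
        return checkStrictness(2);
    }
    if ($comparable && strcmp($referrer_host, (string) $hostname) === 0) {
        return checkStrictness(1);
    }

    return checkStrictness(0);
}

// $check_csrf is set earlier in this file (outside the visible part). Both
// checks run on every request; each returns immediately when the request
// method is not the one it handles.
if ($check_csrf == true) {
    prevent_post_csrf();
    prevent_get_csrf();
}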