Your Guide to Dodging CSRF Attack Detection
Haselrig
→ Phew, you just put the finishing touches on the best article you've ever written in eRep. All that’s left is to pick a category, hit “Publish” and sit back and watch the votes roll in. Aaaannnd...CSRF Attack Detected. @#*&!
Even if you managed to remember to save the article somewhere else, CSRF is still an extremely annoying bug/security feature, and you can find yourself on a seemingly endless treadmill of repeating this process over and over. Before you give up in frustration and the rest of eRep never gets to read your brilliant article, here are a couple strategies to try to dodge the CSRF Attack Detected page.
The first thing to try is discarding the draft in the article writer and logging out of eRep:
Next, hit Ctrl + F5 to refresh the page. Why Ctrl + F5 instead of just refreshing the browser page normally? Refreshing the page may give you the same page even if the content has changed because it may load the page from cache. But Ctrl-F5 forces a cache refresh, upping the odds that if the content is changed, you will get the new content instead of the cached version. It's not a guarantee that this will fix the problem as Ctrl+F5 will cause the browser to throw out the cache and request a new page from the server, the server may ignore the no-cache header and serve a server side cached page. So, even Ctrl+F5 may return an old version of the page if the server ignores the no-cache header and you'll still get a CSRF Attack Detected warning.
If that should happen, another strategy to try is to use a private browsing tab to dodge a CSRF warning. These features are available in some browsers, examples being Incognito mode in Chrome and InPrivate browsing in FireFox, and allow you to sidestep the cache problem of the previous strategy. Just open a private browsing window in whatever flavor of browser you’re using, log in to eRep, paste in your article and hit publish. You should be good to go.
Hopefully, one of these strategies works for you and we all get a chance to read your game-changing article. If not, you can always go Office Space on it. Damn It Feels Good To Be A Gangsta
😛
Comments
lol. There are more possibilities.
And easier.
Voted anyway xD
Yep, neither one of these is guaranteed. Always looking for better ways to do things 😉
[removed]
You should add for Firefox and Chrome: If CSRF attack is being detected, switch to HTTPSecure(https://) (https://www.erepublik.com/en/write-article).
There are no pictures and the whole interface will look strange. But if you scroll it down and find "Title", "Article" and "Category", it should be working. Well, at least it's working for me. Never had a problem again.
I think we've reached the edge of my browser knowledge with this one 🙂
Google Docs are your friend.
I never write in eRep. Always ends badly 🙂
I always write in eRep, I just use Ctrl+C every now and then (:
There is this tool: http://santieditor.nixiweb.com/
I don't know enough about it to recommend it completely, but I haven't had any problems from it yet. If you want to give it a try, use at your own risk and all that.
Bookmarked, thanks!
Worked for me. Good shout.
Thanks Orange o/
\o
I just change the browser to post the article. 😛
IE usually does the trick for me.
I tried to post this comment and got a CSRF attack 😃DD
Uh oh, they're on to us 😛
Vote from france. Got the problem using chrome and don"t want to switch to IE each time I want to write down an article.
The discard thing worked for me in the past so its good to try to inform everyone about it.
Thanks Robocall. It can get annoying after the third or fourth try, so anything that works is a good thing 🙂
V
voted
I write/edit articles often. This tutorial is awesome.
Also, ensure you check the URL of images you use in articles. If they have too many odd symbols or the end of the URL does not end with " .png, .jpeg, or .XXX " then it may corrupt your posting. I dealt with one sneaky image URL that stopped me from posting a new article for a whole week! SOOO DUMB.
Also, Gdocs is clutch to use and prepare a final draft before starting a new post.
Gdocs? you young whipper snappers with your new fangled tweetsing and smoking hashtags. In my day all we had was notepad, AND WE LIKED IT.
I lol'd
lol
I always use the "web" feature on image hosting sites just to avoid using the original URL. Otherwise, bad, embarrassing things can happen 🙂
Do you mean you use prntscr.com? Or what do you mean? I usually download the image then upload it to prntscr
I use Imgur, Imageshack and Postimage depending on whether I want to keep the graphic online or just get the link. They all have the option of uploading the image from your computer or the web. If I make the graphic, I choose the Computer option, if it's an image I found with an image search, I use the Web just in case the original image is taken down or it gets changed to something else, which can happen. You don't want that 😉
\0/
I'm just glad to see this article and the problem being discussed. I'm married to a computer programmer, so he told me what to do. But many people may not have any idea. Thanks for putting this out there!
I've seen a lot of people asking about how to get around it, but I've never seen an article about it. I figured if I wrote one with what works for me, that'd be better than nothing.
[7th Cavalry article]
http://www.erepublik.com/en/article/war-against-taiwan-2397222/1/20
vote fellow journalists
CSRF attack detected
CSRF counter-attack detected 🙂
The CSRF feature seems to hit me when I leave a tab open too long before posting. My simple fix is anytime I want to post an article/comment/reply/etc, first I hit ctrl+a, ctrl+c, f5, ctrl+v, then post/publish/etc. This has always worked for me. Still frustrating that we need to use a workaround like this. Cheers.
Seems to be a cache/server issue that is related to the time the page is open. There are probably a few fixes that are outside of my experience. I imagine some are better than the ones I've found. I'm a "whatever works" kind of guy 🙂
How about a very simple best practice of assuming your article will result in a CSRF attack so saving article in Word, or similar program, including the HTML for links, pics, etc.will be your backup, problem solved!
I never write anything into the article writer on eRep. I paste the article BBCode from a Gdoc, type in the title and pick a category. Sometimes that's still too long and I get the CSRF warning.
best way is to publish in a real journal and not on erepublik
v
V
I just clear my draft, hit Ctrl+F5 and paste the text I had copied in advance : )
Thanks for the article!
Glad it worked o/
V #814 😉
I use santieditor but for newbies and people who don't like or know of santieditor this article would be very helpful.
o7
i wonder if erepublik put this feature in to keep the number of articles posted to a minnimum!
Doesn't stop the ones you'd think they'd want stopped though 😉