Join the new world

Already have an account? Login



What is this?

You are reading an article written by a citizen of eRepublik, an immersive multiplayer strategy game based on real life countries. Create your own character and help your country achieve its glory while establishing yourself as a war hero, renowned publisher or finance guru.

Your Guide to Dodging CSRF Attack Detection

Day 2,358, 05:30 • Published in USA USA

• by Haselrig

→ Phew, you just put the finishing touches on the best article you've ever written in eRep. All that’s left is to pick a category, hit “Publish” and sit back and watch the votes roll in. Aaaannnd...CSRF Attack Detected. @#*&!

Even if you managed to remember to save the article somewhere else, CSRF is still an extremely annoying bug/security feature, and you can find yourself on a seemingly endless treadmill of repeating this process over and over. Before you give up in frustration and the rest of eRep never gets to read your brilliant article, here are a couple strategies to try to dodge the CSRF Attack Detected page.

The first thing to try is discarding the draft in the article writer and logging out of eRep:

Next, hit Ctrl + F5 to refresh the page. Why Ctrl + F5 instead of just refreshing the browser page normally? Refreshing the page may give you the same page even if the content has changed because it may load the page from cache. But Ctrl-F5 forces a cache refresh, upping the odds that if the content is changed, you will get the new content instead of the cached version. It's not a guarantee that this will fix the problem as Ctrl+F5 will cause the browser to throw out the cache and request a new page from the server, the server may ignore the no-cache header and serve a server side cached page. So, even Ctrl+F5 may return an old version of the page if the server ignores the no-cache header and you'll still get a CSRF Attack Detected warning.

If that should happen, another strategy to try is to use a private browsing tab to dodge a CSRF warning. These features are available in some browsers, examples being Incognito mode in Chrome and InPrivate browsing in FireFox, and allow you to sidestep the cache problem of the previous strategy. Just open a private browsing window in whatever flavor of browser you’re using, log in to eRep, paste in your article and hit publish. You should be good to go.

Hopefully, one of these strategies works for you and we all get a chance to read your game-changing article. If not, you can always go Office Space on it. Damn It Feels Good To Be A Gangsta 😛

Comments

ubuntu21 Day 2,358, 05:34

lol. There are more possibilities.

ubuntu21 Day 2,358, 05:34

And easier.

ubuntu21 Day 2,358, 05:35

Voted anyway xD

Haselrig Day 2,358, 05:37

Yep, neither one of these is guaranteed. Always looking for better ways to do things 😉

ubuntu21 Day 2,358, 05:49

[removed]

ubuntu21 Day 2,358, 05:54

You should add for Firefox and Chrome: If CSRF attack is being detected, switch to HTTPSecure(https://) (https://www.erepublik.com/en/write-article).
There are no pictures and the whole interface will look strange. But if you scroll it down and find "Title", "Article" and "Category", it should be working. Well, at least it's working for me. Never had a problem again.

Haselrig Day 2,358, 06:17

I think we've reached the edge of my browser knowledge with this one 🙂

Cubby Day 2,358, 05:43

Google Docs are your friend.

Haselrig Day 2,358, 05:46

I never write in eRep. Always ends badly 🙂

The Mike Day 2,359, 06:22

I always write in eRep, I just use Ctrl+C every now and then (:

Haselrig Day 2,359, 06:54

There is this tool: http://santieditor.nixiweb.com/

I don't know enough about it to recommend it completely, but I haven't had any problems from it yet. If you want to give it a try, use at your own risk and all that.

The Mike Day 2,359, 23:10

Bookmarked, thanks!

orangejuicemmm Day 2,358, 05:46

Worked for me. Good shout.

Haselrig Day 2,358, 05:49

Thanks Orange o/

orangejuicemmm Day 2,358, 05:49

JNJK92 Day 2,358, 07:04

I just change the browser to post the article. 😛
IE usually does the trick for me.

I tried to post this comment and got a CSRF attack 😃DD

Haselrig Day 2,358, 07:05

Uh oh, they're on to us 😛

Robocall Day 2,358, 07:21

Vote from france. Got the problem using chrome and don"t want to switch to IE each time I want to write down an article.

The discard thing worked for me in the past so its good to try to inform everyone about it.

Haselrig Day 2,358, 07:30

Thanks Robocall. It can get annoying after the third or fourth try, so anything that works is a good thing 🙂

hazelh Day 2,358, 07:50

Bucephalus92 Day 2,358, 08:29

voted

wookyjack Day 2,358, 09:22

I write/edit articles often. This tutorial is awesome.

Also, ensure you check the URL of images you use in articles. If they have too many odd symbols or the end of the URL does not end with " .png, .jpeg, or .XXX " then it may corrupt your posting. I dealt with one sneaky image URL that stopped me from posting a new article for a whole week! SOOO DUMB.

Also, Gdocs is clutch to use and prepare a final draft before starting a new post.

Frodo Tea Baggins Day 2,358, 16:21

Gdocs? you young whipper snappers with your new fangled tweetsing and smoking hashtags. In my day all we had was notepad, AND WE LIKED IT.

wookyjack Day 2,358, 16:24

I lol'd

ubuntu21 Day 2,359, 00:14

lol

Haselrig Day 2,359, 03:03

I always use the "web" feature on image hosting sites just to avoid using the original URL. Otherwise, bad, embarrassing things can happen 🙂

wookyjack Day 2,359, 06:05

Do you mean you use prntscr.com? Or what do you mean? I usually download the image then upload it to prntscr

Haselrig Day 2,359, 06:14

I use Imgur, Imageshack and Postimage depending on whether I want to keep the graphic online or just get the link. They all have the option of uploading the image from your computer or the web. If I make the graphic, I choose the Computer option, if it's an image I found with an image search, I use the Web just in case the original image is taken down or it gets changed to something else, which can happen. You don't want that 😉

Franklin Stone Day 2,358, 09:43

\0/

BamaBettie Day 2,358, 09:45

I'm just glad to see this article and the problem being discussed. I'm married to a computer programmer, so he told me what to do. But many people may not have any idea. Thanks for putting this out there!

Haselrig Day 2,359, 03:05

I've seen a lot of people asking about how to get around it, but I've never seen an article about it. I figured if I wrote one with what works for me, that'd be better than nothing.

Jack Jockson Day 2,358, 10:44

[7th Cavalry article]
http://www.erepublik.com/en/article/war-against-taiwan-2397222/1/20
vote fellow journalists

Frodo Tea Baggins Day 2,358, 11:01

CSRF attack detected

Haselrig Day 2,359, 03:00

CSRF counter-attack detected 🙂

Hercules Mulligan Day 2,358, 20:30

The CSRF feature seems to hit me when I leave a tab open too long before posting. My simple fix is anytime I want to post an article/comment/reply/etc, first I hit ctrl+a, ctrl+c, f5, ctrl+v, then post/publish/etc. This has always worked for me. Still frustrating that we need to use a workaround like this. Cheers.

Haselrig Day 2,359, 03:53

Seems to be a cache/server issue that is related to the time the page is open. There are probably a few fixes that are outside of my experience. I imagine some are better than the ones I've found. I'm a "whatever works" kind of guy 🙂

Animis Day 2,358, 22:16

How about a very simple best practice of assuming your article will result in a CSRF attack so saving article in Word, or similar program, including the HTML for links, pics, etc.will be your backup, problem solved!

Haselrig Day 2,359, 03:07

I never write anything into the article writer on eRep. I paste the article BBCode from a Gdoc, type in the title and pick a category. Sometimes that's still too long and I get the CSRF warning.