should public urls use csrf keys ?

sound · May 10, 2016

seems all the rsvp download links in the calendar app use csrf keys and so produce many google search crawl errors due to ...

The CSRF protection key did not match. This may indicate a plugin or theme is out of date. Please contact technical support for more information.
Error code: 2S119/1

TSP · September 13, 2016

No, they shouldn't in my opinion.

Colonel_mortis · September 13, 2016

Or, bots should always get the same CSRF key - that avoids reindexing the same content because it will always get the same CSRF key, without compromising the security of CSRF, because unless someone deliberately changes their user agent to Googlebot, they won't be vulnerable to CSRF (and, as an extra protection, it should not apply if the user is logged in).

Five Invision Community 5 features your members will love

Invision Community 4: SEO, prepare for v5 and dormant account notifications

Invision Community 5: Beta testing and latest updates

Invision Community 4: A more professional report center

should public urls use csrf keys ?

Recommended Posts

sound

TSP

Colonel_mortis

Archived

Recently Browsing 0 members

More