Jump to content

should public urls use csrf keys ?


Recommended Posts

seems all the rsvp download links in the calendar app use csrf keys and so produce many google search crawl errors due to ...

The CSRF protection key did not match. This may indicate a plugin or theme is out of date. Please contact technical support for more information.
Error code: 2S119/1

Link to comment
Share on other sites

  • 4 months later...

Or, bots should always get the same CSRF key - that avoids reindexing the same content because it will always get the same CSRF key, without compromising the security of CSRF, because unless someone deliberately changes their user agent to Googlebot, they won't be vulnerable to CSRF (and, as an extra protection, it should not apply if the user is logged in).

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...