php - Cross Site Request Forgery (CSRF/XSRF) issue in Product add to cart form in magento 1.9.3.4 -
we scan our site in https://detectify.com/ checking csrf attack. getting following issue in our site. example
cross site request forgery (csrf/xsrf)- https://www.example.com/product.html
we searched issue , found solution add formkey form , added formkey(see example) https://www.example.com/checkout/cart/add/uenc/ahr0chm6ly93d3cudghlz3jvb21pbmdjbgluawmuy29tl2fudghvbnktbg9naxn0awnzlwhpz2gtcgvyzm9ybwfuy2uty29udgludw91cy1tb2lzdhvyzs1lewuty3jlyw0tmtvtbc5odg1sp19fx1njrd1v/product/2442/form_key/hlpi0tesobfkabq4
<input name="form_key" type="hidden" value="hlpi0tesobfkabq4">
but still getting same issue
can please ...
Comments
Post a Comment