Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.12.3 available

The official documentation can be found on https://wiki.ocsinventory-ng.org. Read it before asking your question.

Categories

"CRSF ATTACK" lorsque je créé un télédéploiement

Bonjour,

Lorsque je veux créer un paquet pour le télédéployer, j'obtiens une CRSF ATTACK qui apparaît !!

Pourquoi ??

J'ai aussi ce texte :

413

Request Entity Too Large

The requested resource
/ocsreports/index.php
does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit. 

Pourquoi index.php est concerné et comment résoudre l'erreur ?

Merci

in OCS Inventory NG server for Unix by (2k points)
Share on
share on gp share on fb share on tw share on li

2 Answers

0 votes
Apparement un fichier en .msi provoque un CRSF ATTACK, un fichier en .exe permet de créer le paquet à déployer.
by (2k points)
0 votes

Bonjour je vous donne la solution, voici les champs à modifier dans les confs Apache sur un serveur centOS dans /etc/httpd/conf.d/ocsinventory-reports.conf :

 

Alias /ocsreports /usr/share/ocsinventory-reports/ocsreports

 

<Directory /usr/share/ocsinventory-reports/ocsreports>

    # By default, users can use console from everywhere

    Order deny,allow

    Allow from all

    Options Indexes FollowSymLinks

    DirectoryIndex index.php

    AllowOverride Options

 

    # Uncomment following to force use of HTTPS in Administration Server

    #SSLRequireSSL

 

    # PHP tuning (not working on all distribution, use php.ini instead)

    AddType application/x-httpd-php .php

    php_flag file_uploads           on

    # Some PHP tuning for deployement feature up to 8 MB

    # post_max_size must be greater than upload_max_filesize

    # because of HTTP headers

    php_value post_max_size         251m

    php_value upload_max_filesize   250m

    # You may have to uncomment following on errors

    #php_value max_execution_time -1

    #php_value max_input_time -1

 

    #!! Mandatory !! : set magic_quotes_gpc to off (to make ocsreports work

s correctly)

    php_flag magic_quotes_gpc      off

 

    # Uncomment following to allow HTTP body request up to 4 MB

    # instead default 512 KB

    LimitRequestBody 250194304

 

    # Uncomment following if you need to specify a mysql socket

    #php_value mysql.default_socket "path/to/mysql/unix/socket"

 

</Directory>

 

Je ne modifiai la valeure que des 2 premières lignes, ne pas oublier la 3e sinon vous aurez une CRSF Attack si votre fichier est trop voluminuex !!

by (2k points)
 
Powered by Question2Answer
...