<div dir="ltr"><div>Hi David,</div><div><br></div><div>Thank you for your help. I will try to look this file and will confirm again at this group.</div><div><br></div><div>Best regards,</div><div>Agung Prasetyo W.<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Jul 23, 2020 at 7:59 PM David R Newman via Eprints-tech <<a href="mailto:eprints-tech@ecs.soton.ac.uk">eprints-tech@ecs.soton.ac.uk</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Hi Agung Prasetyo Wibowo,</p>
<p>This could be one of two issues:</p>
<p>1. You have updated lib directory versions of the various
JavaScript files that are patched in the two GitHub links you
included but there are other versions that take precedence so
these changes will not propagate through to the version at
<a href="http://HOSTNAME/javascript/auto-3.4.0.js" target="_blank"><font color="red"><b>MailScanner has detected a possible fraud attempt from "hostname" claiming to be</b></font> http://HOSTNAME/javascript/auto-3.4.0.js</a>. Look for files with the
same name in the equivalent pub_lib, site_lib or
archives/ARCHIVE_NAME directories. <br>
</p>
<p>2. auto-3.4.0.js is still cached and you need to hard refresh the
page to get these changes to come. I have tried doing this as I
know your repository hostname (i.e. Ctrl+Shift+R for a hard
refresh) and this seems to make no difference and I cannot find
the string 'csrf' anywhere in auto-3.4.0.js. One other issue with
caching might be that
archives/ARCHIVE_NAME/html/en/javascript/auto.js and the files in
archives/ARCHIVE_NAME/html/en/javascript/auto/ cannot be
overwritten due to a file permission issues. If you delete all
these files, this may resolve the issue and give you the new
version of auto-3.4.0.js that has the CSRF protection code.</p>
<p>Regards</p>
<p>David Newman<br>
</p>
<div>On 23/07/2020 09:13, Ajunk Pracetio via
Eprints-tech wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>Hi,</div>
<div>I'd like to ask. My EPrints version is 3.4. I want to edit
one of the field on phrases editor, but always get error</div>
<div><br>
</div>
<div>
<b>Cross-Site Request Forgery (CSRF) was detected whilst
processing your last request and therefore its action was
not authorised. </b><br>
</div>
<div><br>
</div>
<div>The screenshot like this :</div>
<div>
<div><img src="cid:1737fd5cae5cb971f161" alt="image.png" width="541" height="67"><br>
</div>
<div>I already try <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fcommit%2F95ed6bee24fb3c138ada80684f0503e54f739c41&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=sGOACg8VF%2F1D3qDUeJUsWL3jCofUsA0y0zplRswyCbU%3D&reserved=0" originalSrc="https://github.com/eprints/eprints3.4/commit/95ed6bee24fb3c138ada80684f0503e54f739c41" shash="bO3orUcwIgWOsTRIDOfadWXjYmQmScsPla+GxJDKhjwEikV9xubt5VA3JTU4neRYO1+h3wTjA6AdYxa0+012FnxqU2Zh7LJfem1hbpjQL6/Wb/eECYPI6e9Z9YRreilZjAUKCz6qwAt/LiC06IFoBPnq4y44Rj568b23eZPEp5c=" target="_blank">https://github.com/eprints/eprints3.4/commit/95ed6bee24fb3c138ada80684f0503e54f739c41</a>
and <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fcommit%2F6968a5690ccd01f6ffe819a5a626ebe3b04c9ed1&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=XqqkKa5CpNimPiQohhRzfb0V6%2FGCUuARPHrbFuDTR2U%3D&reserved=0" originalSrc="https://github.com/eprints/eprints3.4/commit/6968a5690ccd01f6ffe819a5a626ebe3b04c9ed1" shash="HyMqt9BcY6mih9/H9vnSl8ZApgQEnU513ka8xvcbJjZBP1qliNxnTGvsblbO3CcI2Wm3IkMmEfVCnQEMpJ/0jL7ueNr+uT/dMKw1Rvu+Cky8nsKO2LK+lsZcoq9LqbzHMUvSqTd6V/Cb+leKhUSG81gVXaOk3lPzzgTyWe3WJ0I=" target="_blank">https://github.com/eprints/eprints3.4/commit/6968a5690ccd01f6ffe819a5a626ebe3b04c9ed1</a>,
but error still persists.</div>
<div><br>
</div>
<div>Please help about this issue.</div>
<div><br>
</div>
<div>Thank you.</div>
<div><br>
</div>
<div>Best regards,</div>
<div>Agung Prasetyo Wibowo.<br>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<pre>*** Options: <a href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech" target="_blank">http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech</a>
*** Archive: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=SEmeWu4Jfs4J3CBMjKk%2FoGXLz7Ozfm03Y7xvbnWrZ9c%3D&reserved=0" originalSrc="http://www.eprints.org/tech.php/" shash="ZSfknFRqGSFFOJ0Vf7YFoT/AGMyTFWQFV8FaEs27W2ZAC20uyjKATkv9uuRMUjt1FzPrFJn7rfxUs6E6UiGIPS4B291cIW4JiSXrnsLG0EDVD6iLr4TGkWC601e+TCTd9f0fA2nHQxMEgJYOnMiyrF1Hv99tqUfln7SSgi/pKSw=" target="_blank">http://www.eprints.org/tech.php/</a>
*** EPrints community wiki: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=1j%2BUVjwGXoHHFiZqfUZ7BgQ9WqL9ZZLuyPiP6MUGGaA%3D&reserved=0" originalSrc="http://wiki.eprints.org/" shash="o6WHYWVlpG0gnxiNf5swyLrStqvxFs6KGJcCWjt3h9INd2h1rJpHJ9+THFVm2d+Z0xCruRtLYBwodzAhC9Anm+HtKFvddK7nIfjDPpSp+l9DJAI0JjhKxqF+6b6QGHYCKHpFZ6YEKoYBpRqge3D0iic1wku6w6oYS0av1f8e9NM=" target="_blank">http://wiki.eprints.org/</a></pre>
</blockquote>
<div id="gmail-m_-1444761825363686278DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br>
<table style="border-top:1px solid rgb(211,212,222)">
<tbody><tr>
<td style="width:55px;padding-top:13px"><a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=fA5pwINyIEAwMFxXaGlpoNPs3yAAJuaCQX7qg1uvQfw%3D&reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="GS0MdrvKOcjUvLbJpnV0vsmGSx02ldSnpTTmgsQwFlyPFEQitN0yPIeglchdsqXf+bDyhIeGYP6EyRPTTD8EIh2uplm4QZnzhW/emhxfpqs1fnekOvOoyOTVhR++ovdzFVwOZGx5QB53vL97zUBGawmuhPLlQqynMREcVAim/kg=" target="_blank"><img src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-green-avg-v1.png" alt="" style="width: 46px; height: 29px;" width="46" height="29"></a></td>
<td style="width:470px;padding-top:12px;color:rgb(65,66,78);font-size:13px;font-family:Arial,Helvetica,sans-serif;line-height:18px">Virus-free. <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=fA5pwINyIEAwMFxXaGlpoNPs3yAAJuaCQX7qg1uvQfw%3D&reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="GS0MdrvKOcjUvLbJpnV0vsmGSx02ldSnpTTmgsQwFlyPFEQitN0yPIeglchdsqXf+bDyhIeGYP6EyRPTTD8EIh2uplm4QZnzhW/emhxfpqs1fnekOvOoyOTVhR++ovdzFVwOZGx5QB53vL97zUBGawmuhPLlQqynMREcVAim/kg=" style="color:rgb(68,83,234)" target="_blank">www.avg.com</a>
</td>
</tr>
</tbody></table><a href="#m_-1444761825363686278_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"> </a></div></div>
*** Options: <a href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech" rel="noreferrer" target="_blank">http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech</a><br>
*** Archive: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=SEmeWu4Jfs4J3CBMjKk%2FoGXLz7Ozfm03Y7xvbnWrZ9c%3D&reserved=0" originalSrc="http://www.eprints.org/tech.php/" shash="ZSfknFRqGSFFOJ0Vf7YFoT/AGMyTFWQFV8FaEs27W2ZAC20uyjKATkv9uuRMUjt1FzPrFJn7rfxUs6E6UiGIPS4B291cIW4JiSXrnsLG0EDVD6iLr4TGkWC601e+TCTd9f0fA2nHQxMEgJYOnMiyrF1Hv99tqUfln7SSgi/pKSw=" rel="noreferrer" target="_blank">http://www.eprints.org/tech.php/</a><br>
*** EPrints community wiki: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&sdata=1j%2BUVjwGXoHHFiZqfUZ7BgQ9WqL9ZZLuyPiP6MUGGaA%3D&reserved=0" originalSrc="http://wiki.eprints.org/" shash="o6WHYWVlpG0gnxiNf5swyLrStqvxFs6KGJcCWjt3h9INd2h1rJpHJ9+THFVm2d+Z0xCruRtLYBwodzAhC9Anm+HtKFvddK7nIfjDPpSp+l9DJAI0JjhKxqF+6b6QGHYCKHpFZ6YEKoYBpRqge3D0iic1wku6w6oYS0av1f8e9NM=" rel="noreferrer" target="_blank">http://wiki.eprints.org/</a></blockquote></div>