<div dir="ltr"><div>Hi David,</div><div><br></div><div>Thank you for your help. I will try to look this file and will confirm again at this group.</div><div><br></div><div>Best regards,</div><div>Agung Prasetyo W.<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Jul 23, 2020 at 7:59 PM David R Newman via Eprints-tech &lt;<a href="mailto:eprints-tech@ecs.soton.ac.uk">eprints-tech@ecs.soton.ac.uk</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">

  
  <div>
    <p>Hi Agung Prasetyo Wibowo,</p>
    <p>This could be one of two issues:</p>
    <p>1. You have updated lib directory versions of the various
      JavaScript files that are patched in the two GitHub links you
      included but there are other versions that take precedence so
      these changes will not propagate through to the version at
      <a href="http://HOSTNAME/javascript/auto-3.4.0.js" target="_blank"><font color="red"><b>MailScanner has detected a possible fraud attempt from &quot;hostname&quot; claiming to be</b></font> http://HOSTNAME/javascript/auto-3.4.0.js</a>.  Look for files with the
      same name in the equivalent pub_lib, site_lib or
      archives/ARCHIVE_NAME directories. <br>
    </p>
    <p>2. auto-3.4.0.js is still cached and you need to hard refresh the
      page to get these changes to come.  I have tried doing this as I
      know your repository hostname (i.e. Ctrl+Shift+R for a hard
      refresh) and this seems to make no difference and I cannot find
      the string &#39;csrf&#39; anywhere in auto-3.4.0.js.  One other issue with
      caching might be that
      archives/ARCHIVE_NAME/html/en/javascript/auto.js and the files in
      archives/ARCHIVE_NAME/html/en/javascript/auto/ cannot be
      overwritten due to a file permission issues.  If you delete all
      these files, this may resolve the issue and give you the new
      version of auto-3.4.0.js that has the CSRF protection code.</p>
    <p>Regards</p>
    <p>David Newman<br>
    </p>
    <div>On 23/07/2020 09:13, Ajunk Pracetio via
      Eprints-tech wrote:<br>
    </div>
    <blockquote type="cite">
      
      <div dir="ltr">
        <div>Hi,</div>
        <div>I&#39;d like to ask. My EPrints version is 3.4. I want to edit
          one of the field on phrases editor, but always get error</div>
        <div><br>
        </div>
        <div>
          <b>Cross-Site Request Forgery (CSRF) was detected whilst
            processing your last request and therefore its action was
            not authorised. </b><br>
        </div>
        <div><br>
        </div>
        <div>The screenshot like this :</div>
        <div>
          <div><img src="cid:1737fd5cae5cb971f161" alt="image.png" width="541" height="67"><br>
          </div>
          <div>I already try <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fcommit%2F95ed6bee24fb3c138ada80684f0503e54f739c41&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=sGOACg8VF%2F1D3qDUeJUsWL3jCofUsA0y0zplRswyCbU%3D&amp;reserved=0" originalSrc="https://github.com/eprints/eprints3.4/commit/95ed6bee24fb3c138ada80684f0503e54f739c41" shash="bO3orUcwIgWOsTRIDOfadWXjYmQmScsPla+GxJDKhjwEikV9xubt5VA3JTU4neRYO1+h3wTjA6AdYxa0+012FnxqU2Zh7LJfem1hbpjQL6/Wb/eECYPI6e9Z9YRreilZjAUKCz6qwAt/LiC06IFoBPnq4y44Rj568b23eZPEp5c=" target="_blank">https://github.com/eprints/eprints3.4/commit/95ed6bee24fb3c138ada80684f0503e54f739c41</a>
            and <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fcommit%2F6968a5690ccd01f6ffe819a5a626ebe3b04c9ed1&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=XqqkKa5CpNimPiQohhRzfb0V6%2FGCUuARPHrbFuDTR2U%3D&amp;reserved=0" originalSrc="https://github.com/eprints/eprints3.4/commit/6968a5690ccd01f6ffe819a5a626ebe3b04c9ed1" shash="HyMqt9BcY6mih9/H9vnSl8ZApgQEnU513ka8xvcbJjZBP1qliNxnTGvsblbO3CcI2Wm3IkMmEfVCnQEMpJ/0jL7ueNr+uT/dMKw1Rvu+Cky8nsKO2LK+lsZcoq9LqbzHMUvSqTd6V/Cb+leKhUSG81gVXaOk3lPzzgTyWe3WJ0I=" target="_blank">https://github.com/eprints/eprints3.4/commit/6968a5690ccd01f6ffe819a5a626ebe3b04c9ed1</a>,
            but error still persists.</div>
          <div><br>
          </div>
          <div>Please help about this issue.</div>
          <div><br>
          </div>
          <div>Thank you.</div>
          <div><br>
          </div>
          <div>Best regards,</div>
          <div>Agung Prasetyo Wibowo.<br>
          </div>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <pre>*** Options: <a href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech" target="_blank">http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech</a>
*** Archive: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=SEmeWu4Jfs4J3CBMjKk%2FoGXLz7Ozfm03Y7xvbnWrZ9c%3D&amp;reserved=0" originalSrc="http://www.eprints.org/tech.php/" shash="ZSfknFRqGSFFOJ0Vf7YFoT/AGMyTFWQFV8FaEs27W2ZAC20uyjKATkv9uuRMUjt1FzPrFJn7rfxUs6E6UiGIPS4B291cIW4JiSXrnsLG0EDVD6iLr4TGkWC601e+TCTd9f0fA2nHQxMEgJYOnMiyrF1Hv99tqUfln7SSgi/pKSw=" target="_blank">http://www.eprints.org/tech.php/</a>
*** EPrints community wiki: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=1j%2BUVjwGXoHHFiZqfUZ7BgQ9WqL9ZZLuyPiP6MUGGaA%3D&amp;reserved=0" originalSrc="http://wiki.eprints.org/" shash="o6WHYWVlpG0gnxiNf5swyLrStqvxFs6KGJcCWjt3h9INd2h1rJpHJ9+THFVm2d+Z0xCruRtLYBwodzAhC9Anm+HtKFvddK7nIfjDPpSp+l9DJAI0JjhKxqF+6b6QGHYCKHpFZ6YEKoYBpRqge3D0iic1wku6w6oYS0av1f8e9NM=" target="_blank">http://wiki.eprints.org/</a></pre>
    </blockquote>
  <div id="gmail-m_-1444761825363686278DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br>
<table style="border-top:1px solid rgb(211,212,222)">
        <tbody><tr>
        <td style="width:55px;padding-top:13px"><a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=fA5pwINyIEAwMFxXaGlpoNPs3yAAJuaCQX7qg1uvQfw%3D&amp;reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="GS0MdrvKOcjUvLbJpnV0vsmGSx02ldSnpTTmgsQwFlyPFEQitN0yPIeglchdsqXf+bDyhIeGYP6EyRPTTD8EIh2uplm4QZnzhW/emhxfpqs1fnekOvOoyOTVhR++ovdzFVwOZGx5QB53vL97zUBGawmuhPLlQqynMREcVAim/kg=" target="_blank"><img src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-green-avg-v1.png" alt="" style="width: 46px; height: 29px;" width="46" height="29"></a></td>
                <td style="width:470px;padding-top:12px;color:rgb(65,66,78);font-size:13px;font-family:Arial,Helvetica,sans-serif;line-height:18px">Virus-free. <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=fA5pwINyIEAwMFxXaGlpoNPs3yAAJuaCQX7qg1uvQfw%3D&amp;reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="GS0MdrvKOcjUvLbJpnV0vsmGSx02ldSnpTTmgsQwFlyPFEQitN0yPIeglchdsqXf+bDyhIeGYP6EyRPTTD8EIh2uplm4QZnzhW/emhxfpqs1fnekOvOoyOTVhR++ovdzFVwOZGx5QB53vL97zUBGawmuhPLlQqynMREcVAim/kg=" style="color:rgb(68,83,234)" target="_blank">www.avg.com</a>
                </td>
        </tr>
</tbody></table><a href="#m_-1444761825363686278_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"> </a></div></div>

*** Options: <a href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech" rel="noreferrer" target="_blank">http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech</a><br>
*** Archive: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=SEmeWu4Jfs4J3CBMjKk%2FoGXLz7Ozfm03Y7xvbnWrZ9c%3D&amp;reserved=0" originalSrc="http://www.eprints.org/tech.php/" shash="ZSfknFRqGSFFOJ0Vf7YFoT/AGMyTFWQFV8FaEs27W2ZAC20uyjKATkv9uuRMUjt1FzPrFJn7rfxUs6E6UiGIPS4B291cIW4JiSXrnsLG0EDVD6iLr4TGkWC601e+TCTd9f0fA2nHQxMEgJYOnMiyrF1Hv99tqUfln7SSgi/pKSw=" rel="noreferrer" target="_blank">http://www.eprints.org/tech.php/</a><br>
*** EPrints community wiki: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C42bceffecb0e4818906f08d82fa7b019%7C4a5378f929f44d3ebe89669d03ada9d8%7C0&amp;sdata=1j%2BUVjwGXoHHFiZqfUZ7BgQ9WqL9ZZLuyPiP6MUGGaA%3D&amp;reserved=0" originalSrc="http://wiki.eprints.org/" shash="o6WHYWVlpG0gnxiNf5swyLrStqvxFs6KGJcCWjt3h9INd2h1rJpHJ9+THFVm2d+Z0xCruRtLYBwodzAhC9Anm+HtKFvddK7nIfjDPpSp+l9DJAI0JjhKxqF+6b6QGHYCKHpFZ6YEKoYBpRqge3D0iic1wku6w6oYS0av1f8e9NM=" rel="noreferrer" target="_blank">http://wiki.eprints.org/</a></blockquote></div>