Feature Requests
Share ideas, discuss and vote on requests from other users in community
This object is in archive! 

CSRF Tokens with Integration Code Domain Checker Form

innoview.gr shared this idea 6 years ago
Under Consideration

In WHMCS there is an option to use CSRF Tokens with domain checker form to prevent malicious attacks using that form. That works great within a WHMCS installation but there are several instances that require the use of the domain checker form outside of the WHMCS environment.

The problem is that the domain checker form with CSRF Tokens enabled does not work in a non-WHMCS page and the only solution is to disable that option, thus reducing the level of security.

It would be great if the domain checker integration code could work with CSRF Tokens enabled and in a non-WHMCS page or even provide us with a way (perhaps using the API) to be able to get and use the required token.

Comments (1)


I think is a very helpfull feature ;)