Hi Guys,

When my Norton securit is enabled, i get the following error fromwithin SlimServer when i try to change any of the settings, fro example if i click on the Player Setting for 198.xx.xx..xx at the mail Slim Server screen...
Can anyone decipher and help me correct this?
I am connecting via an Ad-Hoc wireless network connection. SB3 play and works perfectly normally while Norton is enabled. I just cant change any settings from SimServer...
Thanks,
================================================== ===========
403 Forbidden: setup.html
In order to request this URL from a Bookmark/Favorite, or some means other than following a

link from the SlimServer web interface, you will need to use a URL with a \"cauth\" security

parameter. If you received this error when following a link from the SlimServer web interface,

you will want to make sure your web browser software (including proxy servers and

spyware/privacy software) is allowing \"Referer\" headers to be sent. Below is the appropriate

URL for the URL you attempted.

http://localhost:9000/setup.html?page=player&player=00%3A00%3A00%3A3b%3A58%3A3b&playerid=00%3A0

0%3A00%3A3b%3A58%3A3b;cauth=95bce75852f97ff41db35d e59bed71a1

Because your CSRF protection level is set at 'MEDIUM', you can use the same ";cauth=" value for

any URL; this means you should be more careful who you share your URLs with.

On 5-Aug-06, at 6:37 PM, defnk wrote:
>
> you will want to make sure your web browser software (including proxy
> servers and
>
> spyware/privacy software) is allowing \"Referer\" headers to be sent.
> Below is the appropriate
>

this means you need to make sure norton will allow the Referer header
to be sent via http.

> URL for the URL you attempted.
>
> http://localhost:9000/setup.html?
> page=player&player=00%3A00%3A00%3A3b%3A58%3A3b&playerid=00%3A0
>
> 0%3A00%3A3b%3A58%3A3b;cauth=95bce75852f97ff41db35d e59bed71a1
>

you could just click the link above when it is given.

> Because your CSRF protection level is set at 'MEDIUM', you can use the
> same ";cauth=" value for
>
or change CSRF (Cross Site Referer Forgery) setting in server
settings->security to NONE
-kdf

On 5-Aug-06, at 6:37 PM, defnk wrote:
>
> you will want to make sure your web browser software (including proxy
> servers and
>
> spyware/privacy software) is allowing \"Referer\" headers to be sent.
> Below is the appropriate
>

this means you need to make sure norton will allow the Referer header
to be sent via http.

> URL for the URL you attempted.
>
> http://localhost:9000/setup.html?
> page=player&player=00%3A00%3A00%3A3b%3A58%3A3b&playerid=00%3A0
>
> 0%3A00%3A3b%3A58%3A3b;cauth=95bce75852f97ff41db35d e59bed71a1
>

you could just click the link above when it is given.

> Because your CSRF protection level is set at 'MEDIUM', you can use the
> same ";cauth=" value for
>
or change CSRF (Cross Site Referer Forgery) setting in server
settings->security to NONE
-kdf

Hey mate, thanks for that, BUT im a little security illiterate... could you explain whre this setting is found??
Cheers..

On 5-Aug-06, at 6:59 PM, defnk wrote:
>>>
>> or change CSRF (Cross Site Referer Forgery) setting in server
>> settings->security to NONE
>> -kdf
>
> Hey mate, thanks for that, BUT im a little security illiterate... could
> you explain whre this setting is found??
> Cheers..

I already did:
Server settings->security

look around the slimserver web interface.
-k

Thought you meant in Norton...

OK, just tried, but i get the securty error when i try to click on Change...

=======
OK CSRF when turned off is fine.
Is this a recommended solution or does this pose a secutry threat?

Thanks DFK.

just click on the link it gives you then.
-k
On 5-Aug-06, at 7:16 PM, defnk wrote:

>
> Thought you meant in Norton...
>
> OK, just tried, but i get the securty error when i try to click on
> Change...
>
>
> --
> defnk
> -----------------------------------------------------------------------
> -
> defnk's Profile: http://forums.slimdevices.com/member.php?userid=6639
> View this thread: http://forums.slimdevices.com/showthread.php?t=26156
>
>