The system almost works, but I get the error in various places when logging into webmail and performing certain actions on WHM:
HTTP error 401
Invalid Security Token
Lots of XSRF errors in the console:
Additionally, I get unstyled pages in WHM where it is attempting to pull styles and content from cPanel but fails to do so due to the aforementioned errors.
So far tried:
HTTP error 401
Invalid Security Token
Lots of XSRF errors in the console:
Code:
Blocked a frame with origin "https://webmail.example.com" from accessing a frame with origin "https://cpanel.example.com". Protocols, domains, and ports must match.
Refused to display 'https://cpanel.example.com/cpsess12345678/3rdparty/squirrelmail/src/webmail.php?login=1&post_login=12345678' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
So far tried:
- Old hack for disabling XSS (xsrftoken=false), doesn't work on new cpanel
- Disable cookie based IP validation
- Force update
- Strip xss related headers using nginx
- Delete cache directory
- Praying to Lord Krishna
Last edited by a moderator: