Iframe CSRF Restrictions
-
I would like to run Easy!Appointments through an iframe. But I run into issues with that specific endpoint: "/index.php/appointments/ajax_get_available_hours"
There exists a solution for this which requires changing $config['csrf_exclude_uris'] in the config.php in the application/config folder:
[https://github.com/alextselegidis/easyappointments/issues/732](link url)Since that folder is read-only I am unable to do that myself. Is there a way to expose this config or alter the docker container to make that possible?
Thank you.
-
I would like to run Easy!Appointments through an iframe. But I run into issues with that specific endpoint: "/index.php/appointments/ajax_get_available_hours"
There exists a solution for this which requires changing $config['csrf_exclude_uris'] in the config.php in the application/config folder:
[https://github.com/alextselegidis/easyappointments/issues/732](link url)Since that folder is read-only I am unable to do that myself. Is there a way to expose this config or alter the docker container to make that possible?
Thank you.
@fishbeet It seems that application/config/config.php is meant to be application code and not meant to be overwritten by user. Any changes you make to this file would get lost on update. Not sure what the best approach is if the upstream project is not supporting it. Maybe @nebulon knows since he packaged it initially.
I can think of two ideas: You will have to install this in the LAMP app yourself to make code changes. Alternately, we have to make a PR to the upstream project to make it embeddable via the root directory config.php.
-
@girish is right here. The app only supports overwriting config variables as such via https://github.com/alextselegidis/easyappointments/blob/master/config-sample.php which will be located at
/app/data/config.phpin the Cloudron package. However only values which are referenced in the application code config.php withConfig::will be taken into account.So supporting further values requires application patches.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login