Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Iframe CSRF Restrictions

Scheduled Pinned Locked Moved Easy!Appointments
3 Posts 3 Posters 217 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • F Offline
    F Offline
    Fishbeet
    wrote on last edited by
    #1

    I would like to run Easy!Appointments through an iframe. But I run into issues with that specific endpoint: "/index.php/appointments/ajax_get_available_hours"

    There exists a solution for this which requires changing $config['csrf_exclude_uris'] in the config.php in the application/config folder:
    [https://github.com/alextselegidis/easyappointments/issues/732](link url)

    Since that folder is read-only I am unable to do that myself. Is there a way to expose this config or alter the docker container to make that possible?

    Thank you.

    girishG 1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    replied to Fishbeet on last edited by
    #2

    @fishbeet It seems that application/config/config.php is meant to be application code and not meant to be overwritten by user. Any changes you make to this file would get lost on update. Not sure what the best approach is if the upstream project is not supporting it. Maybe @nebulon knows since he packaged it initially.

    I can think of two ideas: You will have to install this in the LAMP app yourself to make code changes. Alternately, we have to make a PR to the upstream project to make it embeddable via the root directory config.php.

    1 Reply Last reply
    0
  • nebulonN Online
    nebulonN Online
    nebulon Staff
    wrote on last edited by
    #3

    @girish is right here. The app only supports overwriting config variables as such via https://github.com/alextselegidis/easyappointments/blob/master/config-sample.php which will be located at /app/data/config.php in the Cloudron package. However only values which are referenced in the application code config.php with Config:: will be taken into account.

    So supporting further values requires application patches.

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.