|
November 11, 2013, 11:27:16 PM |
|
I recently saw the following message two times yesterday. Both times I had entered my user ID and password to log into Bitstamp, been prompted to enter my two factor authentication using Google Authenticator, waited for perhaps 30 seconds or more, entered my authentication token, and then seen this message:
"forbidden (403) CSRF verification failed. Request aborted. You are seeing this message because this HTTPS site requires a 'Referer header' to be sent by your Web browser, but none was sent. This header is required for security reasons, to ensure that your browser is not being hijacked by third parties."
Does anyone else who uses Bitstamp see this occasionally? I'm trying to figure out whether I was the target of a legit XSS attack or whether it's some issue on Bitstamp's side. I asked Bitstamp support, but they weren't helpful and just said to "enable cookies." I don't think they understood that I only get this intermittently.
|