Apparently 'I am vulnerable to XSS attacks' ??
Posted: October 5th, 2011, 9:57 pm
Hope someone can help me - I'm completely stuck.
My s2 member pro plugin isn't directing customers back to my site from Clickbank. I'm getting an 'Error 503.'
I wrote the the host company and this is their reply:
You really shouldn't pull in data based off what's in the URL. I assume you're using allow_url_fopen to do this and it's disabled for security reasons. If your site is using URL's like "http://effortlessabundance.com/?s2member_pro_clickbank_return=1&s2member_pro_clickbank_return_success=http://effortlessabundance.com/thanks-for-your-purchase" then you are very vulnerable to XSS attacks.
I have no idea what this means. How can I get the plugin to work? And what is an XSS attack? I assume the developers have figured all this out and that it's secure etc., but I'm just an ordinary person with no technical knowledge. I don't really want to know WHY or HOW it works - I just want it to work. Help!!
My s2 member pro plugin isn't directing customers back to my site from Clickbank. I'm getting an 'Error 503.'
I wrote the the host company and this is their reply:
You really shouldn't pull in data based off what's in the URL. I assume you're using allow_url_fopen to do this and it's disabled for security reasons. If your site is using URL's like "http://effortlessabundance.com/?s2member_pro_clickbank_return=1&s2member_pro_clickbank_return_success=http://effortlessabundance.com/thanks-for-your-purchase" then you are very vulnerable to XSS attacks.
I have no idea what this means. How can I get the plugin to work? And what is an XSS attack? I assume the developers have figured all this out and that it's secure etc., but I'm just an ordinary person with no technical knowledge. I don't really want to know WHY or HOW it works - I just want it to work. Help!!