cancel
Showing results for 
Search instead for 
Did you mean: 

4.2.f Possible CSRF attack noted when asserting referer header

rodrigorapozo
Champ in-the-making
Champ in-the-making
Hello everyone,

I have a problem after put my alfresco behind apache httpd:

<VirtualHost *:80>
       ProxyPass /share http://127.0.0.1:8181/share
       ProxyPassReverse /share http://127.0.0.1:8181/share
</VirtualHost>

Error:

2014-10-06 02:07:24,839  ERROR [alfresco.web.site] [http-bio-8181-exec-2] javax.servlet.ServletException: Possible CSRF attack noted when asserting referer header 'http://XXX.XXX.XXX.XX/share/page/'. Request: POST /share/page/dologin, FAILED TEST: Assert referer POST /share/page/dologin :: referer: 'http://XXX.XXX.XXX.XX/share/page/' vs server & context: http://127.0.0.1:8181/ (string) or http://localhost:8181 (regexp)han

If I try access directly it's work but if I try access behind httpd show me the error above.

Someone have idea about how I can solve this problem?

Thanks.
2 REPLIES 2

angelborroy
Community Manager Community Manager
Community Manager
Have you tried to include http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypreservehost directive?

You can also proxy using AJP protocol.
Hyland Developer Evangelist

Hi,

AJP is not capable of dealing with heavy load. So if you have much traffic, try to go for a Filter instead.

Best,
Tim