ERROR org.directwebremoting.dwrp.BaseDwrpHandler - A request has been denied as a potential CSRF attack
A request has been denied as a potential CSRF attack.
Moderator: moderators
3 posts
• Page 1 of 1
A request has been denied as a potential CSRF attack.
by doahh » Sat Nov 24, 2012 2:02 pm
This is a new install in Tomcat 7. I found this thread that discusses how to handle the various issues with running in Tomcat 7 but I can't find anything about the CSRF attack. Does anyone have any suggestions?
- doahh
- Posts: 2
- Joined: Sat Nov 24, 2012 1:29 pm
Re: A request has been denied as a potential CSRF attack.
by doahh » Sat Nov 24, 2012 2:11 pm
Add this to web.xml:
It looks like that is side stepping some security but it works. If anyone knows a better solution than I would like to hear it.
<init-param>
<param-name>crossDomainSessionSecurity</param-name>
<param-value>false</param-value>
</init-param>
It looks like that is side stepping some security but it works. If anyone knows a better solution than I would like to hear it.
- doahh
- Posts: 2
- Joined: Sat Nov 24, 2012 1:29 pm
Re: A request has been denied as a potential CSRF attack.
by pdicresc » Tue Oct 22, 2013 1:44 pm
This helped. Thank you, doahh!
- pdicresc
- Posts: 3
- Joined: Mon Oct 21, 2013 2:23 am
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 12 guests