Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

cross domain error

 
Sankarsan Padhy
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

i am deploying an ear file to weblogic 11g. It deploys successfully but is throwing an error as below while accessing the application.


[org.directwebremoting.dwrp.Batch] ERROR 15:24:38,703: A request has been denied as a potential CSRF attack.

Please help me if you have encountered like this anytime before.

Thanks
Sankarsan
 
Suraj Jadhav
Greenhorn
Posts: 25
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The ear file that you are deploying is using CSRF Guard feature. CSRF guard is feature that avoids Cross Site Scripting. On accessing the application, CSRF Guard generates one random token and appends it to the URL of application which cannot be tempered. You can disable this feature by disabling it into its configuration property if you really don't want this feature.

You can get more details about this on https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic