<![CDATA[Latest posts for the topic "Session Error / A request has been denied as a potential CSRF attack."]]> http://forum.infiniteautomation.com/forum/posts/list/2.page JForum - http://www.jforum.net Session Error / A request has been denied as a potential CSRF attack. - Apache Tomcat/7.0.2
- JVM 1.6.0_18-b07

I get popup error windows while browsing within Mango:

- Session Error

Mango log show this error:
[code]
ERROR 2010-09-23 13:33:56,747 (org.directwebremoting.util.CommonsLoggingOutput.error:75) - A request has been denied as a potential CSRF attack.
ERROR 2010-09-23 13:34:16,700 (org.directwebremoting.util.CommonsLoggingOutput.error:75) - A request has been denied as a potential CSRF attack.
ERROR 2010-09-23 13:34:16,950 (org.directwebremoting.util.CommonsLoggingOutput.error:75) - A request has been denied as a potential CSRF attack.
ERROR 2010-09-23 13:34:16,950 (org.directwebremoting.util.CommonsLoggingOutput.error:75) - A request has been denied as a potential CSRF attack.
ERROR 2010-09-23 13:34:16,950 (org.directwebremoting.util.CommonsLoggingOutput.error:75) - A request has been denied as a potential CSRF attack.
[/code]
"Mango error.jpg" is a print screen
In "log.zip" you will find all Tomcat logs files

Thanks for any help

CRL]]> http://forum.infiniteautomation.com/forum/posts/preList/550/2612.page http://forum.infiniteautomation.com/forum/posts/preList/550/2612.page GMT Re:Session Error / A request has been denied as a potential CSRF attack.
<servlet>
<servlet-name>dwr-invoker</servlet_name>
...
<init-param> <-
<param-name>crossDomainSessionSecurity</param-name> <-
<param-value>false</param-value> <-
</init-param> <-
...
</servlet>]]> http://forum.infiniteautomation.com/forum/posts/preList/550/2614.page http://forum.infiniteautomation.com/forum/posts/preList/550/2614.page GMT Re:Session Error / A request has been denied as a potential CSRF attack. http://forum.infiniteautomation.com/forum/posts/preList/550/2615.page http://forum.infiniteautomation.com/forum/posts/preList/550/2615.page GMT Re:Session Error / A request has been denied as a potential CSRF attack.
By the way, I notice that the solution was provided in less than 2 hour. I never been accustomed on having so quick support by major automation solution providers...

So Congratulation SteveE.

Regards

Cyril]]> http://forum.infiniteautomation.com/forum/posts/preList/550/2626.page http://forum.infiniteautomation.com/forum/posts/preList/550/2626.page GMT Re:Session Error / A request has been denied as a potential CSRF attack. http://forum.infiniteautomation.com/forum/posts/preList/550/2635.page http://forum.infiniteautomation.com/forum/posts/preList/550/2635.page GMT