Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000017742 - Potential cross-site request forgery (CSRF) attack thwarted found in pi_webserver.log - RSA enVision

Document created by RSA Customer Support

on Jun 16, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000017742
Applies To	RSA enVision 4.1
Issue	Potential cross-site request forgery (CSRF) attack thwarted in pi_webserver.log - RSA enVision Jan 13, 2014 2:28:47 PM com.opensystems.privatei.util.Logger:SEVERE: potential cross-site request forgery (CSRF) attack thwarted (user:soc1007, ip:10.122.4.24, uri:/isaw/applet/analysis.webserver.common.jar.pack.gz, error:required token is missing from the request.)
Cause	These url patterns are unprotected. For csrf, we append the token only to the protected resources and for the unprotected ones this is not required.
Resolution	These logs are harmless, users can ignore these messages.
Legacy Article ID	a65574

Attachments

Outcomes

0 Comments

Recommended Content