Potential cross-site request forgery (CSRF) detected. Operation blocked. Required headers are missing.
- Status
- Open
- Subject
- Potential cross-site request forgery (CSRF) detected. Operation blocked. Required headers are missing.
- Version
- 21.x
- Category
- Error
- Feature
- Others
- Resolution status
- New
- Submitted by
- Ioannis Black
- Lastmod by
- Ioannis Black
- Rating
- Related-to
-
- Voting in a poll gives CSRF warning.
- CSRF on using module error messages
- CSRF warning blocks saving menu options
- Profile preview fails with ugly CSRF error
- CSRF Error Message displayed when adding new user to group
- Confirm action on CSRF warning causes warning to redisplay
- CSRF Error when trying to log in from the top bar
- elFinder: Can’t upload pictures on the tracker5 at dev.t.o (CSRF error)
- "The following mandatory fields are missing: Category" after anti-CSRF prompt
- Diagrams have poor usability still in 21.x LTS due CSRF and ticket expiration
- Remove "Protect against CSRF with a protective step" from the login settings page
- "GZip output" (feature_obzip) causes encoding errors in CSRF and error screens
- doc.t.o 19.x: I can't upload images to wiki pages (CSRF) with elFinder
- CSRF False positives
- Description
Hello everyone.
I'm encountering the following issue. I found some tickets regarding this message but nothing seems to be related to this specific issue.
Is this a bug or something from my side? Any clues?When I'm trying to access the page `/tiki-syslog.php` I'm getting this error message
Error message:Potential cross-site request forgery (CSRF) detected. Operation blocked. Required headers are missing.Log output:
Request to /tiki-syslog.php failed CSRF check. Requesting site could not be identified because HTTP_ORIGIN and HTTP_REFERER were empty.Server Info
- Release: Debian GNU/Linux 10 (buster)
- Database Version: 10.3.23-MariaDB-0+deb10u1
- PHP version: 7.3.19-1
Thank you very much.- Importance
- 5
- Easy to solve?
- 5
- Priority
- 25
- Demonstrate Bug on Tiki 19+
-
This bug has been demonstrated on show2.tiki.org
Please demonstrate your bug on show2.tiki.org
Show.tiki.org is not configured properlyThe public/private keys configured to connect to show2.tiki.org were not accepted. Please make sure you are using RSA keys. Thanks.
- Demonstrate Bug (older Tiki versions)
-
This bug has been demonstrated on show.tikiwiki.org
Please demonstrate your bug on show.tikiwiki.org
Show.tiki.org is not configured properlyThe public/private keys configured to connect to show.tikiwiki.org were not accepted. Please make sure you are using RSA keys. Thanks.
- Ticket ID
- 7633
- Created
- Friday 11 December, 2020 12:32:38 UTC
by Ioannis Black - LastModif
- Sunday 10 October, 2021 11:37:42 UTC