Loading...
 
Skip to main content

Potential cross-site request forgery (CSRF) detected. Operation blocked. Required headers are missing.

Status
Open
Subject
Potential cross-site request forgery (CSRF) detected. Operation blocked. Required headers are missing.
Version
21.x
Category
  • Error
Feature
Others
Resolution status
New
Submitted by
Ioannis Black
Lastmod by
Ioannis Black
Rating
(0)
Related-to
Description

Hello everyone.
I'm encountering the following issue. I found some tickets regarding this message but nothing seems to be related to this specific issue.
Is this a bug or something from my side? Any clues?

When I'm trying to access the page `/tiki-syslog.php` I'm getting this error message
Error message:
Potential cross-site request forgery (CSRF) detected. Operation blocked. Required headers are missing.

Log output:
Request to /tiki-syslog.php failed CSRF check. Requesting site could not be identified because HTTP_ORIGIN and HTTP_REFERER were empty.

Server Info

  • Release: Debian GNU/Linux 10 (buster)
  • Database Version: 10.3.23-MariaDB-0+deb10u1
  • PHP version: 7.3.19-1



Thank you very much.

Importance
5
Easy to solve?
5
Priority
25
Demonstrate Bug on Tiki 19+
Demonstrate Bug (older Tiki versions)
Ticket ID
7633
Created
Friday 11 December, 2020 12:32:38 UTC
by Ioannis Black
LastModif
Sunday 10 October, 2021 11:37:42 UTC


Show PHP error messages