AnsweredAssumed Answered

CSRF Filter with Chrome!

Question asked by t16 on Feb 11, 2015
Latest reply on Nov 9, 2015 by thamilanga
Hi guys,

Really simple problem here I hope…

Ive configured the CSRF filter to work and allow requests from a reverse proxy, and all is well using the override code in share-custom-config…

<config evaluator="string-compare" condition="CSRFPolicy" replace="true">
      <properties>
<token>Alfresco-CSRFToken</token>
<referer>https://www.serverxx/* etc etc </referer>
<origin>https://www.serverxx/* etc etc *</origin>
</properties>
   </config>
  

All works wonderfully in IE, but with Chrome, the CSRF filter is triggered ALL the time.

Does anyone know why this is, and what I can do as a workaround?!

many thanks.

Outcomes