Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

XSRF token error with Data Center evaluation

https://confluence.atlassian.com/bitbucketserverkb/xsrf-security-token-missing-779171343.html describes my problem pretty well, but none of the solutions are working.

This is a three-node Bitbucket Data Center system, behind a Netscaler load balancer, and the BITBUCKETSESSIONID cookie is getting set -- that I can see with the browser's tools.

Lines like this appear in the atlassian-bitbucket.log files:

2020-12-02 11:53:10,497 WARN [http-nio-7990-exec-1] admin @BL40E5x713x8x3 1d7b6ia 10.82.0.10 "POST /rest/analytics/1.0/publish/bulk HTTP/1.1" c.a.p.r.c.s.j.XsrfResourceFilter Additional XSRF checks failed for request: http://cigfsgit.runwaynine.com:443/rest/analytics/1.0/publish/bulk , origin: https://cigfsgit.runwaynine.com , referrer: https://cigfsgit.runwaynine.com/admin , credentials in request: true , allowed via CORS: false

The load balancer is redirecting HTTP requests to HTTPS, the secure attribute isn't set in bitbucket.properties, and this is a new installation, so there's no "jvmRoute" set.

1 answer

0 votes

Hi Chris,

I'm seeing 

http://cigfsgit.runwaynine.com:443/rest/analytics/1.0/publish/bulk

that looks like a typo to me - check both the Base URL you configured in the Bitbucket Server admin UI, as well as your settings for server.scheme in bitbucket.properties, which should be set to https, and server.secure needs to be set to true.

Cheers,

Christian

Premier Support Engineer

Atlassian

Yes, the base URL is configured wrong (http instead of https), but I cannot change it, because trying to submit the form to change it causes the XSRF error to happen.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

New improvements to user management in Bitbucket Cloud 👥

Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...

3,776 views 10 16
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you