We've a Confluence 6.2.3 instance running behind a Nginx proxy to handle Basic Authentication out of Tomcat on our side.
When we try to open PDF documents directly from the instance we are not going anywhere and the following error appears:
referer: https://confluence.mayahtt.com/display/DCLD300/PDF+version+of+the+guides | url: /rest/webResources/1.0/resources | traceId: ef3a5ea983cca320 | userName: anonymous
2017-12-13 14:52:42,974 WARN [http-nio-8443-exec-19] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: https://localhost:8443/rest/analytics/1.0/publish/bulk , origin: https://confluence.mayahtt.com , referrer: https://confluence.mayahtt.com/display/DCLD300/PDF+version+of+the+guides , credentials in request: true , allowed via CORS: false
However, we have a specific situation as we have to make our Base URL not matching the website name. Everything works fine, PDF can be downloaded with no issue, we are just looking to have our PDF preview loading properly without this XSRF checks failed when not using the Base URL.
Thanks in advance for your support.
I am afraid there is no supported way to use Confluence with more than one URL/URLs other than the Base URL. Here is the pertinent ticket: Support accessing Confluence from alias that is different to the server base URL
If you use Chrome, the Postman Interceptor workaround may be helpful, described in: Cross Site Request Forgery (CSRF) protection changes in Atlassian REST That article also explains how the XSRF protection works.
In the error message you posted it looks like one of the requests is:
If https://localhost:8443 is the proxied address and not either of the URLs you use in your browser, then adding proxyName, proxyPort and scheme to server.xml may be necessary to preview the PDFs. That is also mentioned in the same article I linked above.
Hello Community, Jessica here from the Confluence product marketing team! Today I wanted to get your takes on project planning –– what works, what doesn’t, how do you know if you’re doing it r...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs