PDF doesn't open with XSRF error



We've a Confluence 6.2.3 instance running behind a Nginx proxy to handle Basic Authentication out of Tomcat on our side.


When we try to open PDF documents directly from the instance we are not going anywhere and the following error appears:

referer: https://confluence.mayahtt.com/display/DCLD300/PDF+version+of+the+guides | url: /rest/webResources/1.0/resources | traceId: ef3a5ea983cca320 | userName: anonymous
2017-12-13 14:52:42,974 WARN [http-nio-8443-exec-19] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: https://localhost:8443/rest/analytics/1.0/publish/bulk , origin: https://confluence.mayahtt.com , referrer: https://confluence.mayahtt.com/display/DCLD300/PDF+version+of+the+guides , credentials in request: true , allowed via CORS: false


However, we have a specific situation as we have to make our Base URL not matching the website name. Everything works fine, PDF can be downloaded with no issue, we are just looking to have our PDF preview loading properly without this XSRF checks failed when not using the Base URL.


Thanks in advance for your support.



2 answers

1 accepted

0 votes
Accepted answer
Ann Worley Atlassian Team Dec 13, 2017

Hello John,

I am afraid there is no supported way to use Confluence with more than one URL/URLs other than the Base URL. Here is the pertinent ticket: Support accessing Confluence from alias that is different to the server base URL

If you use Chrome, the Postman Interceptor workaround may be helpful, described in: Cross Site Request Forgery (CSRF) protection changes in Atlassian REST That article also explains how the XSRF protection works.

In the error message you posted it looks like one of the requests is:


If https://localhost:8443 is the proxied address and not either of the URLs you use in your browser, then adding proxyName, proxyPort and scheme to server.xml may be necessary to preview the PDFs. That is also mentioned in the same article I linked above.

Happy holidays,


Hello Ann,


Thank you for your reply!


Defining in server.xml proxyName and proxyport fixed this issue and I can now open PDFs with the reverse proxy.


You can close the ticket.

Thanks again and happy holidays to you too.




Ann Worley Atlassian Team Dec 18, 2017

Thanks so much for following up. Happy to hear the previews work, now. :)

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Dec 18, 2018 in Confluence Cloud

Happy holidays from our team to yours!

Hi Community!  2018 was filled with changes for our team, both big and small, and we've taken a lot of time to both celebrate our wins and recognize areas of improvement. One thing that we're a...

473 views 3 18
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you