PDF doesn't open with XSRF error

Hello,

 

We've a Confluence 6.2.3 instance running behind a Nginx proxy to handle Basic Authentication out of Tomcat on our side.

 

When we try to open PDF documents directly from the instance we are not going anywhere and the following error appears:

referer: https://confluence.mayahtt.com/display/DCLD300/PDF+version+of+the+guides | url: /rest/webResources/1.0/resources | traceId: ef3a5ea983cca320 | userName: anonymous
2017-12-13 14:52:42,974 WARN [http-nio-8443-exec-19] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: https://localhost:8443/rest/analytics/1.0/publish/bulk , origin: https://confluence.mayahtt.com , referrer: https://confluence.mayahtt.com/display/DCLD300/PDF+version+of+the+guides , credentials in request: true , allowed via CORS: false

 

However, we have a specific situation as we have to make our Base URL not matching the website name. Everything works fine, PDF can be downloaded with no issue, we are just looking to have our PDF preview loading properly without this XSRF checks failed when not using the Base URL.

 

Thanks in advance for your support.

Regards,

John

2 answers

1 accepted

Accepted Answer
0 votes
Ann Worley Atlassian Team Dec 13, 2017

Hello John,

I am afraid there is no supported way to use Confluence with more than one URL/URLs other than the Base URL. Here is the pertinent ticket: Support accessing Confluence from alias that is different to the server base URL

If you use Chrome, the Postman Interceptor workaround may be helpful, described in: Cross Site Request Forgery (CSRF) protection changes in Atlassian REST That article also explains how the XSRF protection works.

In the error message you posted it looks like one of the requests is:

https://localhost:8443/rest/analytics/1.0/publish/bulk.

If https://localhost:8443 is the proxied address and not either of the URLs you use in your browser, then adding proxyName, proxyPort and scheme to server.xml may be necessary to preview the PDFs. That is also mentioned in the same article I linked above.

Happy holidays,

Ann

Hello Ann,

 

Thank you for your reply!

 

Defining in server.xml proxyName and proxyport fixed this issue and I can now open PDFs with the reverse proxy.

 

You can close the ticket.

Thanks again and happy holidays to you too.

 

Regards,

John

Ann Worley Atlassian Team Dec 18, 2017

Thanks so much for following up. Happy to hear the previews work, now. :)

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Oct 11, 2018 in Confluence

What are your project planning tips?

Hello Community,  Jessica here from the Confluence product marketing team! Today I wanted to get your takes on project planning –– what works, what doesn’t, how do you know if you’re doing it r...

248 views 1 4
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you