Possible cross-site request forgery

Hi to all

How to fix this one?

Thanks

Hi denver21,

Try to add this one in your RT_SiteConfig.pm Set(@ReferrerWhitelist, qw(www.example.com:443 www3.example.com:80));

Thanks,
Karen

Hi Ms karen

Ok i will do it, I’ll get back to you.

Thanks

Hi

The same, forgery appeared… :frowning:

Can you try to look if your RT_SiteConfig.pm is the same as below:

/etc/request-tracker4/RT_SiteConfig.d/50-debconf.pm
/etc/request-tracker4/RT_SiteConfig.d/51-dbconfig-common.pm

Thanks.
K.

Hi,

$RestrictReferrer = 0. If we set this value, is there any threat to the application???

Hi Mandy,

As far as I know. No threat to the application.

Thanks,
K