This might help: https://stackoverflow.com/questions/46337253/apache-reverse-proxy-and-wicket-csrfpreventionrequestcyclelistener
On Sat, Dec 22, 2018 at 3:28 AM ShengChe Hsiao <front...@gmail.com> wrote: > > Dear all > > I use apache httpd as wildlfy's backend proxy server to redirect http > request to https request, when i add CsrfPreventionRequestCycleListener to > my application , it showd error message: > > [org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener] > (default task-48) Possible CSRF attack, request URL: http:// > etalking.chc.edu.tw/agency/index, Origin: https://etalking.chc.edu.tw, > action: aborted with error 400 Origin does not correspond to request > > How can i conquer this? > -------------------------------------------------------------------- > -----------------------------------> > To boldly go where no man has gone before. > -------------------------------------------------------------------- > -----------------------------------> > We do this not because it is easy. We do this because it is hard. > ----------------------------------------------------------------- > --------------------------------------> > If I have seen further it is by standing on the shoulders of giants. > ---------------------------------------------------------- > ---------------------------------------------> > front...@gmail.com > ---------------------------------------------------------------------------------------------> -- Chris Turchin <ch...@turchin.net> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
