Hi,
When I use a CsrfPreventionRequestCycleListener, clicking a Link<> while
holding the command key does not open link in new tab.
(Wicket 8.0.0-M2 / OSX)
I get this error :
HTTP ERROR 400
Problem accessing /. Reason: Origin does not correspond to request
Clicking a BookmarkablePageLink is
Hi François,
Since 8.0.0-M2 (and 7.5.0) the CsrfPreventionRequestCycleListener will block
requests without an Origin and Referer header. The reason for this is that is
possible for an attacker to prevent a browser from sending a referer header
(for example with rel="noreferrer"). When you open
Thanks a lot you very detailed information.
François
> Le 14 nov. 2016 à 09:25, Emond Papegaaij a écrit
> :
>
> Hi François,
>
> Since 8.0.0-M2 (and 7.5.0) the CsrfPreventionRequestCycleListener will block
> requests without an Origin and Referer header. The reason for this is that is
> po
