Hi, We have a RT 4.0.7 instance setup that can be accessed by 2 different urls. With one url we get this message:
RT has detected a possible cross-site request forgery for this request, because the Referrer header supplied by your browser (prodrt.rcs.fas.harvard.edu:443) is not allowed by RT's configured hostname (prodrt.fas.harvard.edu:443). This is possibly caused by a malicious attacker trying to perform actions against RT on your behalf. If you did not initiate this request, then you should alert your security team. The other url path we don't. This is annoying to some of the people using RT. Is there any way to disabled these warnings ? This didn't exist in an earlier version of RT we were running (v3.8.8). Thanks, Mike
-------- Final RT training for 2012 in Atlanta, GA - October 23 & 24 http://bestpractical.com/training We're hiring! http://bestpractical.com/jobs
