I added a custom original URL, and it works!

getRequestCycleListeners().add(
    new CsrfPreventionRequestCycleListener().addAcceptedOrigin("mydomain"));


On Mon, Dec 24, 2018 at 9:26 AM Shengche Hsiao <shengchehs...@gmail.com>
wrote:

> Thanks Papegaaij, let me try.
>
> On Sun, Dec 23, 2018 at 8:32 PM Emond Papegaaij <emond.papega...@gmail.com>
> wrote:
>
>> I checked the answers and comments on that post, and they are incorrect.
>> When you place your application behind a reverse http proxy, you need to
>> make sure the proxy passes the correct headers to your application and
>> your application needs to use these headers.
>>
>> For WildFly, you need to add proxy-address-forwarding="true" to the
>> http-listener. This will instruct Undertow to read the headers passed by
>> the proxy.
>>
>> On your proxy you will want to set these headers (this is nginx config):
>> proxy_set_header X-Real-IP $remote_addr;
>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>> proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
>> proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
>>
>> Best regards,
>> Emond Papegaaij
>>
>> On Sat, Dec 22, 2018 at 7:31 PM Chris Turchin <ch...@turchin.net> wrote:
>> >
>> > This might help:
>> >
>> > https://stackoverflow.com/questions/46337253/apache-reverse-proxy-and-wicket-csrfpreventionrequestcyclelistener
>> >
>> > On Sat, Dec 22, 2018 at 3:28 AM ShengChe Hsiao <front...@gmail.com> wrote:
>> > >
>> > > Dear all
>> > >
>> > > I use apache httpd as WildFly's backend proxy server to redirect http
>> > > requests to https requests. When I add
>> > > CsrfPreventionRequestCycleListener to my application, it showed this
>> > > error message:
>> > >
>> > > [org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener]
>> > > (default task-48) Possible CSRF attack, request URL:
>> > > http://etalking.chc.edu.tw/agency/index, Origin:
>> > > https://etalking.chc.edu.tw, action: aborted with error 400 Origin does
>> > > not correspond to request
>> > >
>> > > How can I conquer this?
>> > > To boldly go where no man has gone before.
>> > > We do this not because it is easy. We do this because it is hard.
>> > > If I have seen further it is by standing on the shoulders of giants.
>> > > front...@gmail.com
>> >
>> >
>> >
>> > --
>> > Chris Turchin <ch...@turchin.net>
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>> > For additional commands, e-mail: users-h...@wicket.apache.org
>> >
>>
>
> --
>
> ----------------------------------------------------------------------->
> We do this not because it is easy. We do this because it is hard.
> ----------------------------------------------------------------------->
> ShengChe Hsiao
> ----------------------------------------------------------------------->
> front...@gmail.com
> front...@tc.edu.tw
> ----------------------------------------------------------------------->
> VoIP : 070-910-2450
> ----------------------------------------------------------------------->
>


-- 

----------------------------------------------------------------------->
We do this not because it is easy. We do this because it is hard.
----------------------------------------------------------------------->
ShengChe Hsiao
----------------------------------------------------------------------->
front...@gmail.com
front...@tc.edu.tw
----------------------------------------------------------------------->
VoIP : 070-910-2450
----------------------------------------------------------------------->
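
Added example (not part of the original thread, and not Wicket or Undertow code): a simplified Java model of the Origin comparison behind a TLS-terminating proxy. It prints false, true, false: the check only passes once the backend honours the X-Forwarded-* headers from its own proxy. The class name, the trusted-proxy address 10.0.0.5 and the host app.example.test are constructed for illustration.

```java
import java.net.URI;
import java.util.Map;
import java.util.Set;

// Added illustration: a simplified model, not Wicket's or Undertow's implementation.
public class OriginCheckDemo {
    // Assumption: the only peer allowed to supply X-Forwarded-* headers.
    static final Set<String> TRUSTED_PROXIES = Set.of("10.0.0.5");

    // Origin the backend believes the request was made to.
    static String effectiveOrigin(String scheme, String host, int port,
                                  String peerAddr, Map<String, String> headers) {
        // Forwarded headers are honoured only from the trusted proxy;
        // from any other peer they are client-controlled input and are ignored.
        if (TRUSTED_PROXIES.contains(peerAddr)) {
            scheme = headers.getOrDefault("X-Forwarded-Proto", scheme);
            String fwdPort = headers.get("X-Forwarded-Port");
            if (fwdPort != null) {
                port = Integer.parseInt(fwdPort);
            }
        }
        return normalize(scheme, host, port);
    }

    // scheme://host[:port], lower-cased, with default ports dropped.
    static String normalize(String scheme, String host, int port) {
        String s = scheme.toLowerCase();
        boolean defaultPort = port == -1
                || (s.equals("http") && port == 80)
                || (s.equals("https") && port == 443);
        return s + "://" + host.toLowerCase() + (defaultPort ? "" : ":" + port);
    }

    static boolean originMatches(String originHeader, String effective) {
        URI o = URI.create(originHeader);
        if (o.getScheme() == null || o.getHost() == null) return false; // e.g. "Origin: null"
        return normalize(o.getScheme(), o.getHost(), o.getPort()).equals(effective);
    }

    public static void main(String[] args) {
        String origin = "https://app.example.test"; // constructed sample values
        Map<String, String> fwd = Map.of("X-Forwarded-Proto", "https", "X-Forwarded-Port", "443");
        // Case 1: proxy terminates TLS, no forwarded headers reach the backend.
        System.out.println(originMatches(origin, effectiveOrigin("http", "app.example.test", 80, "10.0.0.5", Map.of())));
        // Case 2: the trusted proxy forwards the original scheme and port.
        System.out.println(originMatches(origin, effectiveOrigin("http", "app.example.test", 80, "10.0.0.5", fwd)));
        // Case 3: the same headers arrive from a peer that is not the trusted proxy.
        System.out.println(originMatches(origin, effectiveOrigin("http", "app.example.test", 80, "203.0.113.9", fwd)));
    }
}
```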
