You can read about CSRF for ex. here https://owasp.org/www-community/attacks/csrf#:~:text=Cross%2DSite%20Request%20Forgery%20(CSRF,which%20they're%20currently%20authenticated .
On Mon, 28 Dec 2020 at 17:20, Ali Alhaidary <ali.alhaid...@the5stars.org> wrote: > INFO 12-28 09:46:14.031 > o.a.w.p.h.CsrfPreventionRequestCycleListener:591 [nio-5443-exec-5] - > Possible CSRF attack, request URL: > > https://rooms.the5stars.org:5443/openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage;jsessionid=A3121C40C116661EDAB5ACA4A44F5D03, > > Origin: null, action: aborted with error 400 Origin does not correspond > to request > since this is reported against the SigIn page you can ignore it :) > > is this normal? what does it mean? > > -- Best regards, Maxim
