My Oracle Support Banner

CSRF Security Alert When Accessing The Application (Doc ID 1383075.1)

Last updated on MAY 21, 2018

Applies to:

Oracle WebLogic Server - Version 10.3 and later
Information in this document applies to any platform.

Symptoms

When the user trying to access the some functionality of the application, which actually calls the other application running on different server ( Business Objects Server) to generate reports. It prompts up a window which shows as "potential CSRF attack"

In the logs we can see the respective error message

####<Oct 28, 2011 3:17:28 PM EST> <Error> <mx:BaseCallMarshaller> <tcsauslt454> <mxnode1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <132740> <> <> <1319775448744> <BEA-000000> <A request has been denied as a potential CSRF attack.>
####<Oct 28, 2011 3:17:28 PM EST> <Error> <mx:BaseCallMarshaller> <tcsauslt454> <mxnode1> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <132740> <> <> <1319775448747> <BEA-000000> <A request has been denied as a potential CSRF attack.>

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.