Issue Description
1. log into jasper server
2. click on manage repository
3. scroll down on left pane. Pop-up happens
----------------------------------------------------------------------------------- Expected result--------------------------------------------
It should popup and generate the rest of the repository tree.
----------------------------------------------------------------- Actual result: -----------------------------------------------------------------
When managing repository you can scroll down and a popup will appear (to load the next section of the repository) it never finished.
The error appears to be uri:/jasperserver-pro/flow.html, error:required token is missing from the request. Disabling csrf token works but not safe to disable the same.
Resolution
It may be because of "org.owasp.csrfguard.TokenName=JASPER_CSRF_TOKEN"
has underscore inside file WEB-INFesapiOwasp.CsrfGuard.properties.
Usually nginx does not allow underscores in the headers by default.
Try setting "underscores_in_headers on" in nginx. Please refer to below link:
http://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers
Ref. Case 00072340
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now