Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Empty Referrer sent for requestor error

SA-83505

Summary



On closing all the existing browser tabs, the application does not open in a tab of the same browser session.


Error Messages



(mgmt.util.CSRFUtil) ERROR xx.x.xx.xx|xx.xx.xx.xx  - Empty Referrer sent for requestor:


Steps to Reproduce

  1. Open the Pega application in a browser.
  2. Close all the tabs on which the Pega application is running.
  3. Reopen the Pega application in the same browser session.


Root Cause



This behavior is as per Pega product design.


Resolution



Here's the explanation for the reported behavior:

When the Cross-Site Request Forgery (CSRF) is enabled in Pega, the application shares a CSRF token embedded as part of the URL. When the URL is clicked, for the next request-, the previous URL is the referrer from where the request is initiated. Hence, if the Pega application is unable to find the CSRF token in the referrer header as per the functionality, the 403 error message displays.

Tags:

User Experience

Published August 19, 2019 - Updated December 2, 2021

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Visit the Collaboration Center

Did you find this content helpful?

Yes
No

Want to help us improve this content?
Suggest an edit

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us