Multiple CSRF alerts on running out-of-the-box activities
Multiple Cross-Site Request Forgery (CSRF) alerts occur in Pega Predictive Diagnostic Cloud (PDC) when running out-of-the-box activities.
Steps to Reproduce
A defect or configuration issue in the operating environment. The false positive for CSRF attack detected was blocked : URLAccessDetail CSRFAttack Invalid harness ID.
ResolutionPerform the following local-change:
- Create a dynamic system setting with the following Ruleset/Key/Value:
Owning Ruleset: Pega-Engine
Key / Setting Purpose: prconfig/security/urlaccessmode/default
- Restart the JVM
0% found this useful