IV88702: KNOWN_REFERRER_LIST prevents download of floor plan


With IV82436, in order to prevent cross-site request forgery (CSRF), the KNOWN_REFERRER_LIST was introduced in TRIRIGAWEB.properties. However, if the KNOWN_REFERRER_LIST is set, it does not allow you to download the floor plan graphic of a location record. When you right-click the graphic, and select to export as PDF, you get an error: “Sorry, your session has either timed out or is no longer active. For security reasons you have been redirected to this page. Please sign in again to continue.” Signing back in does not start the download either.

As a temporary fix, leave the KNOWN_REFERRER_LIST blank in TRIRIGAWEB.properties. Otherwise, if the KNOWN_REFERRER_LIST is set, graphics sections will not allow exports. Moving forward, graphic sections can now be exported when the KNOWN_REFERRER_LIST property is set.

Continue reading

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s