[rt-users] Some users getting CSRF warnings when creating tickets?
Todd Wade
waveright at gmail.com
Tue Sep 27 14:52:08 EDT 2016
On 9/27/16 9:17 AM, Alex Hall wrote:
> That makes me wonder: would having two subdomains do it? I have
> tickets.domain.com and rt.domain.com both going to the same thing,
> but rt.autodist.com is the actual domain in the configuration files.
Yes this would do it. There is a config option to allow you to bypass
the CSRF warning for the additional domains:
https://docs.bestpractical.com/rt/4.4.1/RT_Config.html#ReferrerWhitelist
More information about the rt-users
mailing list