Written by The Jahia Team
 
Developers
   Estimated reading time:
8.0.1.0

When I try to use my custom action I get an error and seems the action is not availble, what can I do? The error is

[CsrfGuard] - potential cross-site request forgery (CSRF) attack thwarted ....  

 

Answer

Per default the CsrfGuard, block all actions. But you can configure it for your action. You can open in jahia tools --> the OSGI console, there you have the possibility to change the config (under OSGI - Configuration):

image-2020-09-29-12-03-39-841.png

There you have to search for the "org.jahia.modules.jahiacsrfguard-default.cfg", when you click on it the configuration pops up:

image-2020-09-29-12-05-50-121.png

There you should see a whitelist, per dafault *.myAction.do will be there, and you can comma seperated add other actions to this whitelist, for instance in my example I added *.uploadTest.do

 

After save this config, it should be deployed and the action should work as expected.

Related links