Exception type: CMS.Protection.Web.UI.CsrfException Stack trace: at CMS.Protection.Web.UI.CsrfProtection.ThrowCsrfException(String message, Exception innerException) at CMS.Protection.Web.UI.CsrfPr...

Hi,We have upgraded out site to Kentico 12 from 10, and previously we were able to set this.Page.Items[@CsrfProtectionDisabledOnPage@] = true; to disable CSRF on specific pages.This now no longer...

HiI found an error about CSRF in the Kentico event log.Is this an external attack? What do you guys do when a CSRF error is logged?Source: Application_Error EventCode: EXCEPTION UserName: publicEve...

SameSite is an HTTP cookie header that provides a certain level of protection against Cross-site request forgery (CSRF) attacks by limiting where and how the cookies can be used. This article describes two methods of setting this header in Kentico.

Hi there,We've done a recent release to our Kentico 11 solution. Nothing much in it, just rendering some webforms fields with data in a pre-existing template.However it's caused an issue whereby we...

Recently we've been getting the errors with CSRF in Event Log. Anyone can tell us what is causing these errors?1. Message: The CSRF cookie was missing.2. Message: The CSRF hidden field was malforme...

Hello everyone! I am having problems with report of CSRF attack on my eventlog.xml. Does anyone have the same issue or know how can I fix it? Or is it a real attack?

I found that some special links does not have __CMSCsrfToken value It also happening in this forum. Ex: https://devnet.kentico.com/imagegen.ashx

I'm getting the following error several dozen times per hour: The CSRF cookie was missing.The error occurs on my production server only, not any of the development environments. This leads me to be...

Kentico 10 operating on a Windows Server. I'm getting the following error in the Event Log several dozen times per hour: The CSRF cookie was missing.The error occurs on my production server only, ...