That makes me wonder: would having two subdomains do it? I have tickets.domain.com and rt.domain.com both going to the same thing, but rt.autodist.com is the actual domain in the configuration files. I wonder if starting from tickets.domain.com would cause this warning, as the browser sees one domain trying to do action on what it thinks is a different one? I'll have people stick to rt.domain.com and see if that makes a difference.
On Tue, Sep 27, 2016 at 8:23 AM, Sean Cwiek <[email protected]> wrote: > Hey Alex, > > > > We’ve seen this when users are jumping between the http and https versions > of our RT instance. Advising everyone to login at the https address seemed > to resolve it for us. > > > > Thanks. > > > > -Sean > > > > *From:* rt-users [mailto:[email protected]] *On > Behalf Of *Alex Hall > *Sent:* Monday, September 26, 2016 4:07 PM > *To:* rt-users <[email protected]> > *Subject:* [rt-users] Some users getting CSRF warnings when creating > tickets? > > > > Hi all, > > We're starting to have more people test RT now. Oddly, the two who just > started trying it out get CSRF warnings when they try to make or update > tickets, while no one else does. They are using Chrome, but so is a guy who > is *not* getting the warnings. We're all in the same building, thus on the > same network. Any idea why this might be happening? My Nginx log for RT > doesn't include anything about this, and my RT log is empty. Thanks. > > > -- > > Alex Hall > > Automatic Distributors, IT department > > [email protected] > -- Alex Hall Automatic Distributors, IT department [email protected]
--------- RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Boston - October 24-26 * Los Angeles - Q1 2017
