Solved: Message "XSRF prevention check failed. Possible XS... - Qlik Community

tevkar1 · ‎2024-02-21

Hi,

We have a weird situation. When we call QRS API at our test environment (..../qrs/about), we get the following error message:

XSRF prevention check failed. Possible XSRF discovered.

Production environment works well. We use same Qlik edition - August 2023 patch 5

Restarting services doesn't help.

Appending "?xrfkey=16-char-string" doesn't help.

Any pointers ? where to look ?

Kind regards

Levi_Turner · ‎2024-02-21

The most likely culprit is a mismatch or absence of the xrfkey parameter and/or header (reference). To use the example from the help doc:

URL: https://localhost:4242/qrs/servernodeconfiguration/full?Xrfkey=abcdefghijklmnop
Header: X-Qlik-Xrfkey: abcdefghijklmnop

If you do not have the same Xrfkey specified in the URL param (?Xrfkey=abcdefghijklmnop) as in the X-Qlik-Xrfkey header, you will receive this response.

View solution in original post

Levi_Turner · ‎2024-02-21

The most likely culprit is a mismatch or absence of the xrfkey parameter and/or header (reference). To use the example from the help doc:

URL: https://localhost:4242/qrs/servernodeconfiguration/full?Xrfkey=abcdefghijklmnop
Header: X-Qlik-Xrfkey: abcdefghijklmnop

If you do not have the same Xrfkey specified in the URL param (?Xrfkey=abcdefghijklmnop) as in the X-Qlik-Xrfkey header, you will receive this response.

Message "XSRF prevention check failed. Possible XSRF discovered." appears when QRS API is utilized.

API

General Question