Symptom
While launching inhouse content through VPN we are receiving the below warning message.
Environment
Learning Management System
Successfactors Learning
LMS
Reproducing the Issue
Launch an inhouse (Hosted in your own content server which uses cross domain proxlet) content through VPN
Cause
This is an issue with VPN rewriting URL's. Our LMS application protects against cross domain.
Resolution
If you don't want to see this popup, you have to disable CSRF Guard on their instance. This can be done by doing the following.
Go into
System Admin -> Configuration -> System Configuration -> CSRF_GUARD
Change the following to false
enableCSRFGuard=false
Note: But we highly recommend not to change this to false and just get used to the warning message since the configuration gives more security in cross domain content platform.
Keywords
OWASP CSRFGuard java script was included from within an unauthorized domain!
CSRFGuard
enableCSRFGuard , KBA , LOD-SF-LMS-CNT , Content , Problem