While launching inhouse content through VPN we are receiving the below warning message.
Learning Management System
Reproducing the Issue
Launch an inhouse (Hosted in your own content server which uses cross domain proxlet) content through VPN
This is an issue with VPN rewriting URL's. Our LMS application protects against cross domain.
If you don't want to see this popup, you have to disable CSRF Guard on their instance. This can be done by doing the following.
System Admin -> Configuration -> System Configuration -> CSRF_GUARD
Change the following to false
Note: But we highly recommend not to change this to false and just get used to the warning message since the configuration gives more security in cross domain content platform.
OWASP CSRFGuard java script was included from within an unauthorized domain!
enableCSRFGuard , KBA , LOD-SF-LMS-CNT , Content , Problem