Overview:

ARTIFACTORY: How to fix the error "CsrfError: No XHR Header"

AuthorFullName__c
Ahmad Zeidan
articleNumber
000005664
ft:sourceType
Salesforce
FirstPublishedDate
2023-03-31T13:06:15Z
lastModifiedDate
2023-03-31
VersionNumber
1
If you are encountering the error message "CsrfError: No XHR Header" in your Artifactory logs, it means that the CSRF (Cross-Site Request Forgery) protection mechanism has blocked a request that lacked the mandatory XHR (XMLHttpRequest) header. Specifically, the URL "/externals/vue-router/dist/vue-router.min.js" has been blocked. This error usually arises when using a reverse proxy in front of Artifactory, and the reverse proxy is running an outdated version of Nginx or Apache that does not support XHR headers.

To address this error, the reverse proxy configuration must be updated to include the X-Requested-With header in the request. The steps for doing so are outlined below:

1. Locate the reverse proxy configuration file. The location of this file varies depending on the web server you are using. For instance, in the case of Nginx, it is usually located in the “/etc/nginx/conf.d/” directory, whereas for Apache, it is generally located in the “/etc/httpd/conf/” directory and open the reverse proxy configuration file using a text editor.

2. Find the location block that proxies request to Artifactory and then add the following line to the location block: