Some Requests to Cadenza Fail and a "Same Origin Check" Warning is Logged

If users report that some operations result in errors, specifically modifying operations and you have WARN level log lines that contain a message like:

Same origin check failed for {} request to '{}': source origin is '{}' and target origin is '{}'

Then your reverse proxy configuration is faulty.

Cadenza includes a CSRF (Cross Site Request Forgery) check that prevents certain classes of security vulnerabilities. In order for this check to work you need to make sure that your reverse proxy forwards all relevant information to the Cadenza server.

See Reverse Proxy and Load Balancer Requirements for more information on how to configure your reverse proxy.