Confluence requires an XSRF token to be present on comment creation, to prevent users being tricked into unintentionally submitting malicious data (read more about XSRF (Cross Site Request Forgery)). All of the themes bundled with Confluence have been designed to use this feature. However, if you are using a custom theme that does not support this security feature, you can disable it.

(warning) Please carefully consider the security risks before you disable XSRF protection in your Confluence installation.

 

(warning) Some functionality described on this page is restricted in 

Unable to render {include} The included page could not be found.
.

To configure XSRF protection:

  1. Choose Browse > Confluence Admin.
  2. Click 'Security Configuration' in the 'Security' section. The 'Edit Security Configuration' screen will be displayed.
  3. Click the 'Edit' link.
  4. To disable XSRF protection, uncheck the 'Add Comments' checkbox in the 'XSRF Protection' section.
  5. Click the 'Save' button.


Screenshot: Configuring XSRF protection

Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.