https://www.servicenow.com/community/developer-forum/what-should-i-do-repeat-errors-preventing-auto-resubmit-for-user/m-p/1450550#M107476 <P>Hello,</P> <P>&nbsp;</P> <P>Repeat Errors in Log - Preventing auto-resubmit for user after reaching max count following High Security Plug-in installed.</P> <P><STRONG>Preventing auto-resubmit for user: &lt;userid&gt; after reaching max count for CSRF token mis-matches!: no thrown error -&nbsp;com.glide.ui.ServletErrorListener</STRONG></P> <P>I do not understand what I need to do, ServiceNow did not give me advice.&nbsp; Do you have any recommendations?&nbsp;</P> <P>My questions here</P> <UL> <LI>Is this impacting the users in its’ current status? If so, what does that look like to the user?&nbsp; Are they getting error messages, slow response or other?</LI> <LI>Being SET TO false, why would there be error messages in the logs?&nbsp;</LI> <LI>Does this need to be turned on?&nbsp; Is so how will this impact the users? &nbsp;</LI> </UL> <P>Please note I am not a developer.</P> <TABLE width="100%"> <TBODY> <TR> <TD> <P>SERVICENOW RESPONSE<BR /> A careful review of the application node logs finds hundreds, or thousands, of the following errors.</P> <P><STRONG>App-Log:</STRONG> Found error for user &lt;userid&gt;<BR /> less localhost_log.2022-01-17.txt | sesh 27EE316A1B854910CB50CBBE034BCB22 | grep txid=56e246e21bc5</P> &nbsp;2022-01-17 08:42:37 (709) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 #313598 /<A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fxmlhttp.do&amp;c=E,1,LhQaKcPkOi7EvvpOm40NK_Sf9ui4qZTTjD1ydUKKFDsyOwQDbFNI-mpAV4Q9Y5y6fuO16kBCPBpIMOGBiv4_fJvT_a6-KNtTrcjHK5rMXgOhiYd_iS5mhu5a4Q,,&amp;typo=1&amp;ancr_add=1">xmlhttp.do</A> Parameters -------------------------<BR /> &nbsp;2022-01-17 08:42:37 (710) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 *** Start&nbsp; #313598 /<A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fxmlhttp.do&amp;c=E,1,jevgWtMP-nL17v035y0A06cxHQ_kWGLML3vxk9Xw-_U3PLJhdoe5RJ-IGjUoHF-CgNZcX7UM2Xq3n0eMQgWrHeiv5Tcy6zPWqqYxac2N&amp;typo=1&amp;ancr_add=1">xmlhttp.do</A>, user: &lt;userid&gt;<BR /> &nbsp;2022-01-17 08:42:37 (710) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 SEVERE *** ERROR *** Preventing auto-resubmit for user:&lt;userid&gt; after reaching max count for CSRF token mis-matches!<BR /> &nbsp;2022-01-17 08:42:37 (711) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 tx_pattern_hash=-2005944411 *** End&nbsp; #313598 /<A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fxmlhttp.do&amp;c=E,1,3bwIPtRVpn4_v-aa71794A92Cx078TsnHsjuWF1mybcEtEskTz9KZfTd8Vlt3KxW2yhfSOo5MC8maRYm9UI9SIqFiOkR9l46Ma0eAQIuDOy7SomOf9I,&amp;typo=1&amp;ancr_add=1">xmlhttp.do</A>, user: &lt;userid&gt;, total time: 0:00:00.017, processing time: 0:00:00.009, total wait: 0:00:00.008, session wait: 0:00:00.008, SQL time: 0:00:00.001 (count: 3), source: 70.31.114.130 <P>Note: The above CSRF (Cross-Site Request Forgery) token mismatch ERRORS could be impacted by the following system properties:</P> <P>&nbsp;</P> <P>glide.security.csrf.strict.validation.mode<BR /> glide.csrf.token.fail.count<BR /> glide.security.auto.resubmit.ajax.max.attempts</P> <P>The only one I found in your instance was <BR /> glide.security.csrf.strict.validation.mode and it's set to the default value of false</P> <P>&nbsp;</P> <P>Docs:</P> <P><A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdocs.servicenow.com%2fbundle%2frome-platform-administration%2fpage%2fadminister%2fsecurity%2fconcept%2fc_HighSecuritySettings.html%3fcshalt%3dyes&amp;c=E,1,UfyPROhPj_9yGnIpuFCS2pSW2I8p6fm9dUAh89ZdylO_W6zXpUgCGGCl7EtdOqJIHvCW0K5nrM-HKRtt0b-eLV8Ijf0Xz170eom385N7RAzBCviD9b41BQ,,&amp;typo=1">https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/security/concept/c_HighSecuritySettings.html?cshalt=yes</A></P> <P>&nbsp;</P> <P><U><A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdocs.servicenow.com%2fbundle%2frome-platform-administration%2fpage%2fadminister%2fsecurity%2freference%2fcsrf-strict-validation.html&amp;c=E,1,mts2KZDhBh7PMCl8FBAYS4MVTN1aLUav2WIppZErxAqfK_qrgSDBHAEye2GWB3A2BFblNudF7JtKFrYwWlpDRk3w8GbO8UgqV8B_GdEf7t6p&amp;typo=1">https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/security/reference/csrf-strict-validation.html</A></U></P> <P>&nbsp;</P> <P><BR /> <BR /> Thanks, <BR /> <BR /> John</P> </TD> </TR> </TBODY> </TABLE> <OL> <LI></LI> </OL> Tue, 18 Jan 2022 16:02:44 GMT Donna12 2022-01-18T16:02:44Z https://www.servicenow.com/community/developer-forum/what-should-i-do-repeat-errors-preventing-auto-resubmit-for-user/m-p/1450550#M107476 <P>Hello,</P> <P>&nbsp;</P> <P>Repeat Errors in Log - Preventing auto-resubmit for user after reaching max count following High Security Plug-in installed.</P> <P><STRONG>Preventing auto-resubmit for user: &lt;userid&gt; after reaching max count for CSRF token mis-matches!: no thrown error -&nbsp;com.glide.ui.ServletErrorListener</STRONG></P> <P>I do not understand what I need to do, ServiceNow did not give me advice.&nbsp; Do you have any recommendations?&nbsp;</P> <P>My questions here</P> <UL> <LI>Is this impacting the users in its’ current status? If so, what does that look like to the user?&nbsp; Are they getting error messages, slow response or other?</LI> <LI>Being SET TO false, why would there be error messages in the logs?&nbsp;</LI> <LI>Does this need to be turned on?&nbsp; Is so how will this impact the users? &nbsp;</LI> </UL> <P>Please note I am not a developer.</P> <TABLE width="100%"> <TBODY> <TR> <TD> <P>SERVICENOW RESPONSE<BR /> A careful review of the application node logs finds hundreds, or thousands, of the following errors.</P> <P><STRONG>App-Log:</STRONG> Found error for user &lt;userid&gt;<BR /> less localhost_log.2022-01-17.txt | sesh 27EE316A1B854910CB50CBBE034BCB22 | grep txid=56e246e21bc5</P> &nbsp;2022-01-17 08:42:37 (709) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 #313598 /<A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fxmlhttp.do&amp;c=E,1,LhQaKcPkOi7EvvpOm40NK_Sf9ui4qZTTjD1ydUKKFDsyOwQDbFNI-mpAV4Q9Y5y6fuO16kBCPBpIMOGBiv4_fJvT_a6-KNtTrcjHK5rMXgOhiYd_iS5mhu5a4Q,,&amp;typo=1&amp;ancr_add=1">xmlhttp.do</A> Parameters -------------------------<BR /> &nbsp;2022-01-17 08:42:37 (710) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 *** Start&nbsp; #313598 /<A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fxmlhttp.do&amp;c=E,1,jevgWtMP-nL17v035y0A06cxHQ_kWGLML3vxk9Xw-_U3PLJhdoe5RJ-IGjUoHF-CgNZcX7UM2Xq3n0eMQgWrHeiv5Tcy6zPWqqYxac2N&amp;typo=1&amp;ancr_add=1">xmlhttp.do</A>, user: &lt;userid&gt;<BR /> &nbsp;2022-01-17 08:42:37 (710) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 SEVERE *** ERROR *** Preventing auto-resubmit for user:&lt;userid&gt; after reaching max count for CSRF token mis-matches!<BR /> &nbsp;2022-01-17 08:42:37 (711) Default-thread-2 27EE316A1B854910CB50CBBE034BCB22 txid=56e246e21bc5 tx_pattern_hash=-2005944411 *** End&nbsp; #313598 /<A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fxmlhttp.do&amp;c=E,1,3bwIPtRVpn4_v-aa71794A92Cx078TsnHsjuWF1mybcEtEskTz9KZfTd8Vlt3KxW2yhfSOo5MC8maRYm9UI9SIqFiOkR9l46Ma0eAQIuDOy7SomOf9I,&amp;typo=1&amp;ancr_add=1">xmlhttp.do</A>, user: &lt;userid&gt;, total time: 0:00:00.017, processing time: 0:00:00.009, total wait: 0:00:00.008, session wait: 0:00:00.008, SQL time: 0:00:00.001 (count: 3), source: 70.31.114.130 <P>Note: The above CSRF (Cross-Site Request Forgery) token mismatch ERRORS could be impacted by the following system properties:</P> <P>&nbsp;</P> <P>glide.security.csrf.strict.validation.mode<BR /> glide.csrf.token.fail.count<BR /> glide.security.auto.resubmit.ajax.max.attempts</P> <P>The only one I found in your instance was <BR /> glide.security.csrf.strict.validation.mode and it's set to the default value of false</P> <P>&nbsp;</P> <P>Docs:</P> <P><A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdocs.servicenow.com%2fbundle%2frome-platform-administration%2fpage%2fadminister%2fsecurity%2fconcept%2fc_HighSecuritySettings.html%3fcshalt%3dyes&amp;c=E,1,UfyPROhPj_9yGnIpuFCS2pSW2I8p6fm9dUAh89ZdylO_W6zXpUgCGGCl7EtdOqJIHvCW0K5nrM-HKRtt0b-eLV8Ijf0Xz170eom385N7RAzBCviD9b41BQ,,&amp;typo=1">https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/security/concept/c_HighSecuritySettings.html?cshalt=yes</A></P> <P>&nbsp;</P> <P><U><A href="https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdocs.servicenow.com%2fbundle%2frome-platform-administration%2fpage%2fadminister%2fsecurity%2freference%2fcsrf-strict-validation.html&amp;c=E,1,mts2KZDhBh7PMCl8FBAYS4MVTN1aLUav2WIppZErxAqfK_qrgSDBHAEye2GWB3A2BFblNudF7JtKFrYwWlpDRk3w8GbO8UgqV8B_GdEf7t6p&amp;typo=1">https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/security/reference/csrf-strict-validation.html</A></U></P> <P>&nbsp;</P> <P><BR /> <BR /> Thanks, <BR /> <BR /> John</P> </TD> </TR> </TBODY> </TABLE> <OL> <LI></LI> </OL> Tue, 18 Jan 2022 16:02:44 GMT https://www.servicenow.com/community/developer-forum/what-should-i-do-repeat-errors-preventing-auto-resubmit-for-user/m-p/1450550#M107476 Donna12 2022-01-18T16:02:44Z https://www.servicenow.com/community/developer-forum/what-should-i-do-repeat-errors-preventing-auto-resubmit-for-user/m-p/1450551#M107477 <P>Hello,</P> <P>Please find the below thread this has go the answer:-</P> <P>https://community.servicenow.com/community?id=community_question&amp;sys_id=06d54b21db1cdbc01dcaf3231f9619f3</P> <P>Please mark answer correct/helpful based on Impact</P> Tue, 18 Jan 2022 16:08:15 GMT https://www.servicenow.com/community/developer-forum/what-should-i-do-repeat-errors-preventing-auto-resubmit-for-user/m-p/1450551#M107477 Saurav11 2022-01-18T16:08:15Z