症状

You are on a version of Confluence > 3.4

atlassian-confluence.log に次のエラーが返される。

2012-03-24 14:59:02,248 ERROR [http-8080-14] [org.directwebremoting.dwrp.Batch] error A request has been denied as a potential CSRF attack.
 -- referer: http://confluence.com:8080/pages/editpage.action?pageId=123456 | url: /dwr/call/plaincall/HeartbeatAjax.startActivity.dwr | userName: anonymous

原因

This relates to some javascript in the Confluence editor.  This was removed in 3.4.  Since these files are cached for a long time, people with cached versions of the editor in their browsers will continue to make a heartbeat request back to the Confluence instance, and trigger this error, as the endpoint no longer functions.

ソリューション

Because this is a client side problem, it's difficult to institute a server level change to affect all clients. This error is harmless and will go away over time, as clients will refresh their browsers from time to time. To force the issue, you could instruct all your users to shift-reload while on the edit page screen.