Ajax Error. Uncaught Error. {“error”:{“code”:403,“message”:“Forbidden: Insecure form submission”}}
What is the issue you’re encountering
We’ve observed that due to routing through the Cloudflare service provider (SP), the application requires a full page reload each time to reflect changes or load data correctly. While we’re able to log in and retrieve data initially without issue, using the browser’s back button intermittently results in an error: AJAX Error. Uncaught Error: {“error”:{“code”:403,“message”:“Forbidden: Insecure form submission”}} Sometimes the data loads successfully, but other times this error is triggered, impacting user experience. Please investigate the root cause and let us know if any configuration changes or optimizations are needed—either in the application or on the Cloudflare side—to resolve this issue.
What steps have you taken to resolve the issue?
every time need to hard reload
Was the site working with SSL prior to adding it to Cloudflare?
No
What is the current SSL/TLS setting?
Flexible
What are the steps to reproduce the issue?
Go to consumers page and filter any specific then press the back button or return then then random numbers open one by one in column then we got the error
typically means the server is rejecting the AJAX request because it deems it insecure. When using Cloudflare’s Flexible SSL, the browser talks to Cloudflare over HTTPS, but Cloudflare talks to your origin server over HTTP.
This mismatch often leads to:
CSRF protection on the server seeing the request as insecure.
AJAX calls being blocked if the Referer or Origin headers don’t match expected HTTPS protocols.
Caching or routing issues due to Cloudflare incorrectly caching dynamic content.
