stackoom
  简体   繁体   中英

Missing CSRF token in REST request

 原文  2014-07-07 16:01:35       spring/ rest/ csrf

Question

I'm writing a REST API using Spring MVC. I'm trying to access a controller method via a POST request.

I always receive a 403 error: 

Invalid CSRF Token '' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'.

How can I deliver a CSRF token within my REST request? I tried to use the default security password which is displayed during application startup as the value for _csrf but it wasn't successful.

How can I retrieve the CSRF token and is it correct to send the token in the _csrf parameter?

1 answers

solution1
 1 ACCPTED  2014-07-07 18:38:51

You will need to provide the correct header and CSRF token when making the request eg 

request.setRequestHeader('${_csrf.headerName}', '${_csrf.token}');

You can also send the token as a request parameter using _csrf.parameterName .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Invalid CSRF Token in POST request Spring Security not sending CSRF token in REST Application SPRING CSRF throws 405 despite CSRF token in request CSRF token per request in spring security How to add csrf token to ajax request Spring Security - CSRF token on GET request Different csrf token per request in Spring security Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN' Spring boot - Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN' Spring CSRF token does not work, when the request to be sent is a multipart request
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM