Ajax request to localhost return 403 error. However, when I change the controller requestMethod to GET and open the request "url" on the browser, it displays the json data returned from server.I wish to use the data to populate a dropdown list. Please, help. I'm using spring security 4.0 with spring MVC frame work. CSRF is not disable. Also, the url is secured in spring.
I have checked related questions here but didn't see a solution that helps me.
You are receiving a 403 because of one of these reasons:
For each of the above:
The answer you provided doesn't help you understand what your problem is thus you will face more of these types of issues down the track which will be difficult to troubleshoot.
I found a way out: I changed the request methods of both AJAX call and its controller from POST to GET and obtain 200 - OK status for request. Also, when I open the AJAX request "URL" on the browser on which I'm logged in on my web app, it displays JSON data. However, when I open on a browser on which I'm not logged in, Spring security requests my login - Perfect I guess!.
Please is this action OK from a security standpoint?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.