我有问题将csrf添加到ajax请求.我在客户端使用百里香叶弹簧/弹簧安全.Spring安全性不允许该请求,因为缺少csrf-token.这是我的ajax代码
function bits(){
var xhttp = new XMLHttpRequest();
var selected = document.getElementById("product").value;
xhttp.onreadystatechange = function(){
if(xhttp.readyState==4 && xhttp.status==200){
var result= JSON.parse(xhttp.responseText)
var length = result.length;
for(i=0; i<length; i++){
console.log(result[k].spid);
}
}
};
xhttp.open("POST", "http://localhost:8080/bids?q="+selected, true);
xhttp.send();
}
帮助将不胜感激
这是eclipse上的spring(具有spring安全性)+ Java + Maven应用程序。提交注册表单时遇到以下错误。随后查看我的其余文件:
HTTP Status 500 - Request processing failed; nested exception is
org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'defaultServletHandlerMapping' defined in class
org.springframework.web.servlet.config.annotation.DelegatingWebMvcConfiguration:
Bean instantiation via factory method failed; nested exception is
org.springframework.beans.BeanInstantiationException: Failed to instantiate
[org.springframework.web.servlet.HandlerMapping]:
Factory method 'defaultServletHandlerMapping'
threw exception; nested exception is java.lang.IllegalArgumentException:
A ServletContext is required to configure default servlet handling
我的文件:
AppInit
package com.myapp.config;
import org.springframework.security.web.context.*;
public class AppInit extends AbstractSecurityWebApplicationInitializer
}
MyApp配置文件:
package com.myapp.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.ComponentScan.Filter;
import org.springframework.context.annotation.Configuration; …Ajax请求localhost返回403错误.但是,当我将控制器requestMethod更改为GET并在浏览器上打开请求"url"时,它会显示从server返回的json数据.我希望使用该数据填充下拉列表.请帮忙.我正在使用带有弹簧MVC框架工作的spring security 4.0.CSRF未禁用.此外,网址固定在弹簧中.
我在这里检查了相关问题,但没有找到帮助我的解决方案.