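Even though I send a valid CSRF token when submitting a Spring form, I get a csrfTokenMissingException. The scenario is: when I restart the application server and click a particular direct link, "abc", it throws csrfTokenMissingException; but when I click another link (the xyz link), where the CSRF token is valid, it works fine, and if I then click the abc link, it works fine. In all cases I am sending a valid CSRF token.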

<form id="menuForm" action="/TEST/loginValidate" method="post" autocomplete="off">
    <div>
        <input type="hidden" name="_csrf" value="0179ad01-85d2-4587-b754-b1aa33243967">
    </div>
</form>

function test() {
    $('#menuForm').attr('action', 'testUrl');
    $('#menuForm').submit();
}
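
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandlerImpl;
import org.springframework.security.web.csrf.InvalidCsrfTokenException;
import org.springframework.security.web.csrf.MissingCsrfTokenException;

public class CustomAccessDeniedHandler extends AccessDeniedHandlerImpl {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException)
            throws IOException, ServletException {
        // CSRF failures are logged and redirected to the context root.
        if (accessDeniedException instanceof MissingCsrfTokenException
                || accessDeniedException instanceof InvalidCsrfTokenException) {
            System.out.println(" == :: accessDeniedException exception --------------------- 46464646 " + accessDeniedException.getClass());
            System.out.println(" == :: getRequestURI " + request.getRequestURI());
            System.out.println(" ------ X-CSRF-Token " + request.getHeader("X-CSRF-Token"));
            response.sendRedirect(request.getContextPath());
        }
        // Default handling; it does not write to a response that is already committed.
        super.handle(request, response, accessDeniedException);
    }
}
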
Please check the code for reference.
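
Added example, not part of the original post and not Spring Security's own code: a simplified model of the check in Spring Security's CsrfFilter, assuming the default session-backed token repository, applied to the restart scenario described above. It shows that "missing" refers to the token expected on the server side (none stored for the session), not to the `_csrf` parameter in the request; the class, method and session names are hypothetical.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

// Simplified model (assumption) of the CsrfFilter decision; all names are hypothetical.
public class CsrfDecisionModel {

    enum Outcome { ALLOWED, MISSING_CSRF_TOKEN, INVALID_CSRF_TOKEN }

    // Stands in for the server-side HTTP sessions: session id -> expected token.
    private final Map<String, String> sessions = new HashMap<>();

    /** A page render: returns the token stored for the session, creating one if needed. */
    String renderForm(String sessionId) {
        return sessions.computeIfAbsent(sessionId, id -> UUID.randomUUID().toString());
    }

    /** A POST carrying the _csrf parameter. */
    Outcome post(String sessionId, String submittedToken) {
        String expected = sessions.get(sessionId);
        boolean noExpectedToken = (expected == null);
        if (noExpectedToken) {
            // Nothing is stored for this session, so a fresh token is generated and
            // saved; the value submitted from the stale page cannot match it.
            expected = renderForm(sessionId);
        }
        if (expected.equals(submittedToken)) {
            return Outcome.ALLOWED;
        }
        return noExpectedToken ? Outcome.MISSING_CSRF_TOKEN : Outcome.INVALID_CSRF_TOKEN;
    }

    /** Models an application-server restart that does not persist sessions. */
    void restart() {
        sessions.clear();
    }

    public static void main(String[] args) {
        CsrfDecisionModel server = new CsrfDecisionModel();
        String token = server.renderForm("S1");        // constructed sample session id
        System.out.println(server.post("S1", token));  // normal submit before the restart
        server.restart();
        System.out.println(server.post("S1", token));  // stale page, same token value
        String fresh = server.renderForm("S1");        // any page load after the restart
        System.out.println(server.post("S1", fresh));  // submit with the re-rendered token
        System.out.println(server.post("S1", token));  // old token against a live session
    }
}
```

In this model the first POST after the restart is classified as a missing token even though the request carries one, a POST with a token rendered after the restart is accepted, and the old token is then classified as invalid. The model keeps the same session id across the restart for brevity.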