Spring Security 3.2 CSRF disable for specific URLs

后端未结
关注
 7  1931
梦毁少年i 2020-12-08 02:32
Enabled CSRF in my Spring MVC application using Spring security 3.2.
My spring-security.xml

      
      
        
          7条回答        

        
                    
            
            
                         
                
              
              
                
                   离开以前
                                             
                
                
                (楼主)
            
              
              
                2020-12-08 03:02
              

            
            
                        
I am using Spring Security v4.1. After a lot of reading and testing, I disable the CSRF security feature for specific URLs using XML configuration.



    

    
        
        
        
        
        
        
    

    
        
            
                
                    
                    
                
                
                    
                    
                
                
                    
                    
                
            
        
    

    //...




With the above configuration, I enable the CSRF security only for POST|PUT|DELETE requests of all URLs which start with /rest/.
    
             
                                                        
            
            
              
                
                0
              
                   
                
               讨论(0)
              
                                                  
              
              
                          
             
       
          
              
                                       
     查看其它7个回答


            
                         
                    


               
            
    发布评论:
    
         
                        
    
    提交评论 
  
  

                    
                    
                    
                        
                        
                         加载中...
                        
                    
                
          
                              			
        
        
        
          
            
            
              
              
            
    


                                 
              
            
                          
    

        
         
                验证码
                
                  
                
                
                   看不清?
                
              
                                  
                    
   
                 
             
              提交回复