Could not verify the provided CSRF token because your session was not found in spring security

Question

I am using spring security along with java config

@Override
protected void configure(HttpSecurity http) throws Exception { 
    http
    .authorizeRequests()         


        

Answer 1

I get this error message (HTTP Status 403 - Could not verify the provided CSRF token because your session was not found.) when I do a JS fetch AJAX call without using the credentials: "same-origin" option.

Wrong way

fetch(url)
.then(function (response) { return response.json(); })
.then(function (data) { console.log(data); })

Correct way

fetch(url, {
    credentials: "same-origin"
})
.then(function (response) { return response.json(); })
.then(function (data) { console.log(data); })