gpt4 book ai didi

xml - spring security 4 csrf 通过 xml 禁用

转载 作者:数据小太阳 更新时间:2023-10-29 01:38:26 24 4
gpt4 key购买 nike

有没有办法通过 XML 配置在 spring security 中禁用 CSRF token ?我只看到 java 配置在线..可以基于 xml 的示例。使用 spring 框架 4.0

最佳答案

As of Spring Security 4.0, CSRF protection is enabled by default with XML configuration. If you would like to disable CSRF protection, the corresponding XML configuration can be seen below.

<http>
<!-- ... -->
<csrf disabled="true"/>
</http>

CSRF protection is enabled by default with Java configuration. If you would like to disable CSRF, the corresponding Java configuration can be seen below. Refer to the Javadoc of csrf() for additional customizations in how CSRF protection is configured.

@EnableWebSecurity
public class WebSecurityConfig extends
WebSecurityConfigurerAdapter {

@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable();
}
}

见下面的链接 http://docs.spring.io/spring-security/site/docs/4.0.x/reference/htmlsingle/#csrf-configure

关于xml - spring security 4 csrf 通过 xml 禁用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31312844/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com