dwr:A request has been denied as a potential CSRF attack.错误的解决
来源:互联网 发布:秋水南风捏脸数据 编辑:程序博客网 时间:2024/06/12 17:07
dwr遇到这种错误:
org.directwebremoting.util.CommonsLoggingOutput error
严重: A request has been denied as a potential CSRF attack.
在参照dwr的官方网站时,如果在后台出现如下的提示信息:A request has been denied as a potential CSRF attack
则,需要在web.xml中的如下配置修改一下
<servlet>
<servlet-name>dwr-invoker</servlet-name>
<servlet-class>org.directwebremoting.servlet.DwrServlet</servlet-class>
<!-- 想查看DWR自动生成的测试页(Using debug/test mode),这个参数debug默认是false.如果选择true.
我们可以通过url http://localhost:port/app/dwr来查看你部署的每个DWR class。
并且可以测试java代码的每个方法是否运行正常。 为了安全考虑,在正式环境下你一定把这个参数设为false. -->
<init-param>
<param-name>debug</param-name>
<param-value>true</param-value>
</init-param>
<!-- 加入了跨域调用功能.这个参数是在dwr版本2.0才有的. 默认值为true,也就是禁止其他域发送请求.
否则在跨站调用时会报 org.directwebremoting.util.CommonsLoggingOutput error
严重: A request has been denied as a potential CSRF attack的错误信息
请求被拒绝因为可能存在csrf(cross-site request forgeries,跨站请求伪造)攻击.
也就是说页面URL可能被跨站了的服务所调用.
例如:自己页面的一个图片.可能被其他站直接通过[img]....[/img]来引用.
-->
<init-param>
<param-name>crossDomainSessionSecurity</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>dwr-invoker</servlet-name>
<url-pattern>/dwr/*</url-pattern>
</servlet-mapping>
即加入了跨域调用功能
说明:将JSP文件中所引用的js文件engine.js的方式,由<script type="text/javascript" src="js/engine.js"></script> 更改成:<script type="text/javascript" src="dwr/engine.js"></script>,这样也行。不需要手动创建engine.js和util.js文件,也需要创建什么interface文件夹,就这样固定写就行了
转载地址:http://laoxiao9ban.blog.163.com/blog/static/43954187201123145111251/
- dwr:A request has been denied as a potential CSRF attack.错误的解决
- dwr的A request has been denied as a potential CSRF attack.错误
- dwr的A request has been denied as a potential CSRF attack.错误
- 亲测遇到dwr的A request has been denied as a potential CSRF attack错误的解决方案
- A request has been denied as a potential CSRF attack.”
- A request has been denied as a potential CSRF attack.”
- A request has been denied as a potential CSRF attack.
- A request has been denied as a potential CSRF attack.”
- DWR A request has been denied as a potential CSRF attack
- tomcat7:dwr下A request has been denied as a potential CSRF attack.
- dwr:A request has been denied as a potential CSRF attack.
- DWR A request has been denied as a potential CSRF attack
- DWR A request has been denied as a potential CSRF atta 的两种情况
- dwr的org.directwebremoting.dwrp.Batch:75-A request has been denied as a ppotential CSRF attack错误
- Dwr Session Error A request has been denied 异常
- WebTools has not been correctly installed as a NT Service.
- Cannot create a session after the response has been committed错误的原因
- Struts2 Cannot create a session after the response has been committed 一个不起眼的错误
- Solr5之使用Tomcat部署Solr
- 系统架构师备考说明
- SpringMVC原理
- File类读写
- Lustre并行文件系统建设
- dwr:A request has been denied as a potential CSRF attack.错误的解决
- eclipse安装tomcat7.0不能访问首页问题
- 将十进制正整数转化为定长为4的N进制字符串,N可以是小于37的任意进制
- 类簇
- [.Net码农]T4模版引擎之基础入门
- List泛型集合
- MongoDB start
- MIPI spec总结
- 购物网站总结
