TechQA.

Should all the form's submit work after a valid one submit with CSRF?

104 views Asked by At

I am using CSRF with spring.

When I enabled this, cant submit any form (makes sence since I need the token for every post).

The problem is this:

After I submit a form with a valid token (in my case , the login). all other submit forms keep working... as far as I understand, should not work.

Any idea why is this?

I am using spring 3.2 and security 3.2.5

Thanks

spring forms csrf
Original Q&A
1

There are 1 answers

2
M. Deinum On

Assuming that you are using JSP and are using the Spring form tags it works as designed.

The token is automatically added to the form through the use of a RequestDataValueProcessor. When using the Spring Security namespace or annotation based configuration support the CsrfRequestDataValueProcessor is automatically configured and added to the configuration.

This is also mentioned in the Spring Security reference guide.

If you are using Spring MVC <form:form> tag or Thymeleaf 2.1+ and are using @EnableWebSecurity, the CsrfToken is automatically included for you (using the CsrfRequestDataValueProcessor).

Related Questions in SPRING

Related Questions in FORMS

Related Questions in CSRF

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions