The POST request cannot be submitted because the CSRF of SpringSecurity is in the separate architecture of the front and rear end.

due to the use of SpringSecurity, the CSRF function is turned on by default. If you initiate a POST request on the front-end page, it will report a 403 error due to a problem with SpringSecurity"s CSRF. Looking for solutions online and looking at official documents only wrote two solutions
1. Turn off the CSRF function directly.
2. If you use the JSP page, add the get CSRF token, to the head tag and add the token to the ajax request

<!-- default header name is X-CSRF-TOKEN -->
<meta name="_csrf" content="${_csrf.token}"/>
<meta name="_csrf_header" content="${_csrf.headerName}"/>



$(function () {
    var token = $("meta[name="_csrf"]").attr("content");
    var header = $("meta[name="_csrf_header"]").attr("content");
    $(document).ajaxSend(function(e, xhr, options) {
        xhr.setRequestHeader(header, token);
    });
});

but if the project is separated from the front and back end, how to get CSRF token, so I would like to ask the seniors


you can obtain csrf_token, through the API and append it to header or parameter before ajax or form submission, and then submit it together

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1b32a58-2be33.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1b32a58-2be33.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?