欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

DWR2跨域访问异常【A request has been denied as a potential CSRF attack】

程序员文章站 2022-05-13 12:53:27
...

异常:

A request has been denied as a potential CSRF attack

java.lang.SecurityException, Session Error

发生:升级dwr2、tomcat7、weblogic11、jsp中dwr路径问题

解决:

1、添加跨域访问参数

<servlet>

         <servlet-name>dwr-invoker</servlet-name>

         <servlet-class>org.directwebremoting.servlet.DwrServlet</servlet-class>

         <init-param>

                   <param-name>debug</param-name>

                   <param-value>true</param-value>

         </init-param>

         <!-- 开启跨域调用 -->

         <init-param>      

             <param-name>crossDomainSessionSecurity</param-name>      

             <param-value>false</param-value>      

         </init-param>

</servlet>

2、调整jsp的dwr路径:

测试页面的路径:/Struts12/WebRoot/dwrDemo/index.jsp

调整前:

<script type="text/javascript" src="dwr/engine.js"></script>

<script type="text/javascript" src="dwr/util.js"></script>

<script type="text/javascript" src="dwr/interface/UserService.js"></script>

调整后,访问正常:

<script type="text/javascript" src="../dwr/engine.js"></script>

<script type="text/javascript" src="../dwr/util.js"></script>

<script type="text/javascript" src="../dwr/interface/UserService.js"></script>

 

 

 

 

【】

相关标签: dwr