csrf token per page – java.lang.IllegalStateException: must define 'uri' attribute when token per page is enabled

huangapple go评论95阅读模式
英文:

csrf token per page - java.lang.IllegalStateException: must define 'uri' attribute when token per page is enabled

问题

以下是您要翻译的内容:

我正在尝试从CsrfGuard.properties启用每页的令牌。但是在部署后,当我尝试访问URL时,我收到500错误,因为它抛出了以下异常。

请问您能帮我修复这个问题吗?我需要在哪里传递/定义这个URI?

CsrfGuard.properties

org.owasp.csrfguard.TokenPerPage=true
org.owasp.csrfguard.TokenPerPagePrecreated=true

JSP页面:

<form name="test">
.....
     <input type="hidden" name="<csrf:token-name/>" value="<csrf:token-value/>"/>
</form>

异常:

java.lang.IllegalStateException: 在启用每页令牌时必须定义'uri'属性
英文:

I am trying to enable the token par page from CsrfGuard.properties. but after deploying while I am trying to access the URL I am getting a 500 error because it's throwing below exception.

Can you please help me to fix this? Where do I need to pass/define this URI?

CsrfGuard.properties

org.owasp.csrfguard.TokenPerPage=true
org.owasp.csrfguard.TokenPerPagePrecreated=true

JSP Page:

<form name="test">
.....
     <input type="hidden" name="<csrf:token-name/>" value="<csrf:token-value/>"/>
</form>

Exception:

java.lang.IllegalStateException: must define 'uri' attribute when token per page is enabled

答案1

得分: 1

需要添加部分令牌值到标签中,

<input type="hidden" name="<csrf:token-name/>" value="<csrf:token-value uri='page.jsp' />"/>
英文:

It need to be added part of token value t tag,

&lt;input type=&quot;hidden&quot; name=&quot;&lt;csrf:token-name/&gt;&quot; value=&quot;&lt;csrf:token-value uri=&#39;page.jsp&#39; /&gt;&quot;/&gt;

huangapple
  • 本文由 发表于 2020年4月8日 22:37:56
  • 转载请务必保留本文链接:https://go.coder-hub.com/61103342.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定