Search

CSRF 토큰 μ—λŸ¬

μ—λŸ¬ λ©”μ‹œμ§€

ERROR 23820 --- [nio-8080-exec-1] s.e.ErrorMvcAutoConfiguration$StaticView : Cannot render error page for request [/products/0j1k2l3m-4567-89ab-cdef-0123456789jk] and exception [An error happened during template parsing (template: "class path resource [templates//products/detail.html]")] as the response has already been committed. As a result, the response may have the wrong status code.
Java
볡사

ν˜„μƒ

HTML μ—μ„œ form 에 csrf 토큰을 μΆ”κ°€ν•˜λŠ” κ²½μš°μ—, HTML μ΅œμƒλ‹¨ λΆ€ν„° 토큰 input hidden νƒœκ·ΈκΉŒμ§€ μ½”λ“œκ°€ μ—„μ²­ κΈΈλ©΄, 그뢀뢄에 토큰을 ν‘œμ‹œν•˜μ§€ λͺ»ν•˜κ³  κ·Έ 이후 μ½”λ“œλΆ€ν„° 좜λ ₯λ˜μ§€ μ•ŠλŠ” μ—λŸ¬κ°€ λ°œμƒν•¨.

ν•΄κ²°

head νƒœκ·Έ μ•ˆμ— meta νƒœκ·Έλ‘œ HTML μ΅œμƒλ‹¨λΆ€ν„° κ°€μž₯ 짧은 μœ„μΉ˜μ— csrf 토큰이 λ“±μž₯ν•˜κ²Œ ν•˜λ©΄ ν˜„μƒμ΄ ν•΄κ²°λœλ‹€.
<meta name="_csrf" th:content="${_csrf.token}" /> <meta name="_csrf_header" th:content="${_csrf.headerName}" />
Java
볡사