我想在tomcat中禁用CSRF警衛。我不知道如何讓後面的頁面刷新按鈕起作用。目前,我只想禁用與csrf相關的所有內容。爲此目的,有一個文件 Owasp.CsrfGuard.Properties文件。有以下屬性:在Java EE,Struts 1.3中禁用CSRF Guard
org.owasp.csrfguard.TokenName=OWASP_CSRFTOKEN
org.owasp.csrfguard.TokenLength=32
org.owasp.csrfguard.PRNG=SHA1PRNG
org.owasp.csrfguard.Logger=org.owasp.csrfguard.log.ConsoleLogger
org.owasp.csrfguard.NewTokenLandingPage=PYEntry.jsp
org.owasp.csrfguard.action.Log=org.owasp.csrfguard.action.Log
org.owasp.csrfguard.action.Log.Message=potential cross-site request forgery (CSRF) attack thwarted (user:%user%, ip:%remote_ip%, uri:%request_uri%, error:%exception_message%)
org.owasp.csrfguard.unprotected.QualificationPage=/pondicheryJan30/qualification.do
org.owasp.csrfguard.unprotected.PersonalPage=/pondicheryJan30/personal.do
org.owasp.csrfguard.unprotected.DownloadResume=/pondicheryJan30/DownloadResumeAction.do
org.owasp.csrfguard.unprotected.allotUpdatePage=/pondicheryJan30/allotUpdate.do
org.owasp.csrfguard.unprotected.PersonalEditPage=/pondicheryJan30/personalEdit.do
org.owasp.csrfguard.action.Redirect=org.owasp.csrfguard.action.Redirect
org.owasp.csrfguard.action.Redirect.Page=globalerror.jsp
感謝您的回覆 我已經嘗試過在發佈我的問題之前,在這一節。但它力氣工作 – user2269170 2013-05-15 05:03:59