JavaScript Trying to use React/Ajax calls with Spring MVC and Thymeleaf

according to the docs, I should be able to include the CSRF tokens in the header, grab them with jquery, and include them in the headers of my ajax calls.

Unfortunately, including

<html class='default' xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
  <head>
    <meta charset='UTF-8'/>
    <meta http-equiv='X-UA-Compatible' content='IE=Edge,chrome=1' />
    <meta name="_csrf" content="${_csrf.token}"/>
    <!-- default header name is X-CSRF-TOKEN -->
    <meta name="_csrf_header" content="${_csrf.headerName}"/>
...
</html>

outputs:

<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">
<meta name="_csrf" content="${_csrf.token}">
<!-- default header name is X-CSRF-TOKEN -->
<meta name="_csrf_header" content="${_csrf.headerName}">

And not the actual token so there is nothing to grab.

Has anyone had success with this way of handling ajax post/puts/deletes?

reference: http://docs.spring.io/spring-security/site/docs/3.2.0.CI-SNAPSHOT/reference/html/csrf.html

Answer:1

You forget the prefix "th". your template should look like this:

<meta id="_csrf" name="_csrf" th:content="${_csrf.token}"/>
<meta id="_csrf_header" name="_csrf_header" th:content="${_csrf.headerName}"/>

and your ajax call:

var token = $('#_csrf').attr('content');
var header = $('#_csrf_header').attr('content');

$.ajax({
    type: "POST",
    url: url,
    beforeSend: function (xhr) {
        xhr.setRequestHeader(header, token);
    },
    success: function (data, textStatus, jqXHR) {
        alert(status);
    },
    error: function (request, status, error) {
        alert(status);
    }
});
Answer:2

Using GTM and Enhanced eCommerce: I need to track eCommerce on a third-party system and the required ID field is not called ID or transactionID ... it is called confirmID. I'm trying to retrieve a few ...

Using GTM and Enhanced eCommerce: I need to track eCommerce on a third-party system and the required ID field is not called ID or transactionID ... it is called confirmID. I'm trying to retrieve a few ...

  1. google enhanced ecommerce data layer
  2. google enhanced ecommerce analytics
  3. google enhanced ecommerce magento 2
  4. google enhanced ecommerce
  5. google enhanced ecommerce example
  6. google enhanced ecommerce add to cart
  7. google enhanced ecommerce magento 1
  8. google analytics enhanced ecommerce example
  9. google analytics enhanced ecommerce tracking
  10. google analytics enhanced ecommerce tag manager
  11. google analytics enhanced ecommerce data layer
  12. google analytics enhanced ecommerce reporting
  13. google analytics enhanced ecommerce shopify
  14. google analytics enhanced ecommerce magento 2
  15. google analytics enhanced ecommerce gtm
  16. google analytics enhanced ecommerce checkout steps
  17. google analytics enhanced ecommerce setup
  18. google analytics enhanced ecommerce events
  19. google analytics enhanced ecommerce refund
  20. google analytics enhanced ecommerce woocommerce

How to extrude a quarter Circle Geometry (THREE.CircleGeometry) in Three.js? I create the quarter circle like this: var circle = new THREE.Mesh( new THREE.CircleGeometry( 25, 32, 0, Math.PI/2 ),...

How to extrude a quarter Circle Geometry (THREE.CircleGeometry) in Three.js? I create the quarter circle like this: var circle = new THREE.Mesh( new THREE.CircleGeometry( 25, 32, 0, Math.PI/2 ),...

I'm doing an exercise, but e.timestamp return initially return "-xxxx" value so the date.toDateString always return "Thu Jan 01 1970 click". I've looked for an answer also on w3schools but also its ...

I'm doing an exercise, but e.timestamp return initially return "-xxxx" value so the date.toDateString always return "Thu Jan 01 1970 click". I've looked for an answer also on w3schools but also its ...

  1. jquery javascript event
  2. jquery javascript event listener
  3. jquery js event
  4. jquery js event listener
  5. javascript jquery event handler
  6. javascript jquery event.target
  7. jquery trigger javascript event
  8. jquery remove javascript event listener
  9. jquery javascript onchange event
  10. jquery trigger js event
  11. jquery click js event
  12. javascript jquery click event
  13. jquery event vs javascript event
  14. javascript jquery stop event propagation
  15. javascript jquery hover event
  16. javascript jquery bind event
  17. javascript jquery onload event
  18. javascript jquery paste event
  19. javascript jquery keypress event
  20. javascript jquery change event

How to override navigator.plugins in javascript? There is a web site that reads my plugins list using with navigator.plugins and i don't want let them read my plugins and i want to show them fake ...

How to override navigator.plugins in javascript? There is a web site that reads my plugins list using with navigator.plugins and i don't want let them read my plugins and i want to show them fake ...

  1. override navigator.plugins