Java – ${ucsrf} what do you do? Is this an implicit El object?

2020-09-06 • Java

I'm looking at some source code and trying to find out_ The source of CSRF As far as I know, it looks like an implicit El object It may be related to authentication and security

The following are included_ CSRF code

<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />

What does ${ucsrf} do? Is this an implicit El object?

Solution

Cross Site Request Forgery, also known as one click attack or session riding, abbreviated as CSRF (sometimes pronounced sea surf) or xsrf, is a malicious use of a website in which unauthorized commands are transmitted from network users

This input protects the form from CSRF attacks by adding special CSRF tags to all page requests

Take a look at this: https://en.wikipedia.org/wiki/Cross-site_request_forgery https://www.baeldung.com/spring-security-csrf

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.

THE END

Java

二维码

Java – unit testing using spring framework singleton beans

< <上一篇

Trying to understand class inheritance in Java

下一篇>>

搜索内容

Java – ${ucsrf} what do you do? Is this an implicit El object?

Solution

热门文章