AEM：403 Forbidden在调用Post servlet时发生 [英] AEM: 403 Forbidden occurs when call a Post servlet

问题描述

我的问题与此类似： CQ5：403禁止在调用Post servlet时发生但在AEM 6.1中

My problem is similar with this: CQ5: 403 Forbidden occurs when call a Post servlet but in AEM 6.1

根据上述主题的接受回答，我必须从Apache Sling Referrer过滤器。我想知道这个动作是否对我的系统有害？
还有更好的方法可以解决这个问题吗？

According to accepted answer of above topic, I must remove POST from Apache Sling Referrer Filter. I wonder if this action is harmful to my system? And do have better way to fix this issue?

p / s：对不起我的英文。

p/s: Sorry for my English.

推荐答案

如果您在作者模式下测试代码，则会得到 403 forbidden 错误。这需要csrf令牌（在AEM 6.1中引入以对 POST 执行检查， PUT 和 DELETE 浏览器针对 CSRF攻击的请求。在服务器端的表单提交上验证CSRF令牌。如果添加了 granite.jquery 依赖项，或者您可以声明依赖 granite.csrf.standalone 来加载CSRF保护框架框架。在发布时，它应该在登录前正常工作。

If you are testing your code on author mode, you get 403 forbidden error for the request. This requires csrf token (Introduced in AEM 6.1 to perform checks on POST, PUT and DELETE requests from browser against CSRF attacks). CSRF token is validated on form submission at the server side. CSRF protection framework is loaded if granite.jquery dependency is added or you can declare dependency granite.csrf.standalone to use the framework. On publish it should work fine before login.

这篇关于AEM：403 Forbidden在调用Post servlet时发生的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！