Issue
when i try to use DELETE method i am geeing 403 delete forbidden error .
i am using spring-mvc+rest implementation
i tried to add some xml tags in my web.xml file as suggested in some other post
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
but did not work for me. is there any other configuration to do in spring-servlet.xml or in web.xml ?
can any one help me with this?
Solution
Disable CSRF in your WebSecurityConfigurerAdapter:
http.csrf().disable()
However, this could be a system security flaw. Be careful!
code below:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable() // <<------- PUT THIS IN YOUR CODE
.authorizeRequests()
.antMatchers("/css/**", "/primeiro_acesso/**", "/upload", "/testes/upload", "/files/**").permitAll()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
Answered By - Regis Albuquerque
Answer Checked By - Clifford M. (JavaFixing Volunteer)
