Token mismatch between 'springboot' and React AXIOS CSRF communication

Asked Apr 20 '23 at 00:18

Active Apr 20 '23 at 00:18

Viewed 36 times

return  http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                    .and()
                    //.authorizeRequests().antMatchers(HttpMethod.OPTIONS, "**").permitAll()    
                    //.and()
                    .build();

Spring Security

xsrfCookieName: 'XSRF-TOKEN',
xsrfHeaderName: 'X-XSRF-TOKEN',

axios default setting

I configured springboot as above and got the CSRF token from spring with GET and put it in the header to communicate with AXIOS, but the token is not correct.

How do I fix it?

The return should be OK, but I get a 403 forbidden error

asked Apr 20 '23 at 00:18

dgkim

Token mismatch between 'springboot' and React AXIOS CSRF communication

0 Answers0