在SpringMVC中禁用Http删除
如何在SpringMVC中禁用HTTP删除。我尝试了拦截器,但它不适用于删除请求。 在我的应用初始化器中在SpringMVC中禁用Http删除,spring,http,spring-mvc,spring-security,Spring,Http,Spring Mvc,Spring Security,如何在SpringMVC中禁用HTTP删除。我尝试了拦截器,但它不适用于删除请求。 在我的应用初始化器中 @Override protected void customizeRegistration(Dynamic registration) { registration.setInitParameter("dispatchDeleteRequest", "true"); } 试过这个 我正在打电话给表格 OPTIONS /<Website>/ HT
@Override
protected void customizeRegistration(Dynamic registration) {
registration.setInitParameter("dispatchDeleteRequest", "true");
}
OPTIONS /<Website>/ HTTP/1.0
Content-Length: 0
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)
Host: XYZ.com
@Controller
public class HandleDeleteRequest{
static final Logger logger = Logger.getRootLogger();
@RequestMapping(value = "/*", method = RequestMethod.DELETE)
public boolean handleDeleteRequest(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
logger.info(request.getMethod());
if (request.getMethod().equalsIgnoreCase("DELETE")) {
// Not a POST/GET - send error and return false
logger.error("Not Get or Put request");
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Unauthorized Request");
return false;
}
return true;
}
}
但是这个似乎不太合适你想在整个应用程序中使用它还是在特定的url中使用它。我需要在整个应用程序中使用它
@Controller
public class HandleDeleteRequest{
static final Logger logger = Logger.getRootLogger();
@RequestMapping(value = "/*", method = RequestMethod.DELETE)
public boolean handleDeleteRequest(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
logger.info(request.getMethod());
if (request.getMethod().equalsIgnoreCase("DELETE")) {
// Not a POST/GET - send error and return false
logger.error("Not Get or Put request");
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Unauthorized Request");
return false;
}
return true;
}
}