BlogJava-沙罗双树园下的三轮明日-文章分类-Ajax技术http://www.blogjava.net/mercurymarsx/category/48304.htmlzh-cnFri, 15 Apr 2011 03:12:07 GMTFri, 15 Apr 2011 03:12:07 GMT60DWR CSRF Security Errorhttp://www.blogjava.net/mercurymarsx/articles/347459.html天涯浪侠天涯浪侠Fri, 01 Apr 2011 05:22:00 GMThttp://www.blogjava.net/mercurymarsx/articles/347459.htmlhttp://www.blogjava.net/mercurymarsx/comments/347459.htmlhttp://www.blogjava.net/mercurymarsx/articles/347459.html#Feedback0http://www.blogjava.net/mercurymarsx/comments/commentRss/347459.htmlhttp://www.blogjava.net/mercurymarsx/services/trackbacks/347459.html

解决办法:

修改 web.xml 中 DWR 配置信息或者换tomcat6.0就不会有此问题了!

原:

<servlet> 
      <servlet-name>dwr-invoker</servlet-name> 
     <servlet-class>org.directwebremoting.spring.DwrSpringServlet</servlet-class> 
     <init-param>
      <param-name>debug</param-name>
      <param-value>true</param-value>
  </init-param>
</servlet>

加入跨域调用配置信息,修改为:

<servlet> 
      <servlet-name>dwr-invoker</servlet-name> 
      <servlet-class>org.directwebremoting.spring.DwrSpringServlet</servlet-class> 
      <init-param>
             <param-name>debug</param-name>
             <param-value>true</param-value>
      </init-param>
      <init-param>
             <param-name>crossDomainSessionSecurity</param-name>
             <param-value>false</param-value>
      </init-param>
      <!--<init-param>
            <param-name>allowScriptTagRemoting</param-name>
            <param-value>true</param-value>
      </init-param>--><!--此处默认为true可以不加-->

如果采用与Spring整合方式
修改dwr.xml文件为:

<dwr:controller id="dwrController" debug="true" >
    <dwr:config-param name="crossDomainSessionSecurity" value="false" />
    <dwr:config-param name="allowScriptTagRemoting" value="true" />
    <dwr:config-param name="debug" value="true" />
</dwr:controller>

天涯浪侠 2011-04-01 13:22 发表评论
]]>