Using thymeleaf
<form th:action="@{url}" method="post">
If you write the action attribute using @ {} like, the CSRF token will be automatically entered as hidden.
In other words
<form action="url" method="post">
Then, the CSRF token is not included. So even if I submitted in this state, I couldn't make a transition.
<form th:action="url" method="post">
<button type="button" onClick="submit();" th:formaction="@{url2}">
</form>
If you use jQuery's submit function like this, it seems to be submitted to the url destination of the action attribute of the form tag.
In other words, if you set `th: formaction =" @ {url2}', you wouldn't be able to get a token.
<form th:action="url" method="post">
//↓ If you add this, tokens will be entered. In other words, insert the token manually
<input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
<button type="button" onClick="submit();" th:formaction="@{url2}">
</form>
I tried various things to write a script and try to write it somehow, but it didn't work, so I feel that there is no problem even if I increase the number of buttons if I put it in manually for the time being.
However, th: form action does not work, and the action attribute of form becomes the submit destination.
<button type="button" onClick="setAction("Favorite URL");">
<script type="text/javascript">
function setAction(url){
$('form').attr('action', url); //Set the url of the argument to the action attribute
$('form').submit(); //Execute submit (Since the action attribute was changed above, that is the submit destination!)
}
</script>
With this, it seems possible to increase the number of buttons and prepare multiple submit destinations.
I would like to know if there is a better way m (_ _) m