
优化csrf名称,防止nginx代理无法识别问题(IC5B9C)

RuoYi 2 minggu lalu
induk
melakukan
2b8d00b756

+ 1 - 1
ruoyi-admin/src/main/resources/static/ajax/libs/bootstrap-fileinput/fileinput.js

@@ -6450,7 +6450,7 @@
         textEncoding: 'UTF-8',
         preProcessUpload: null,
         ajaxSettings: { headers: {
-            "csrf_token": document.querySelector('meta[name="csrf-token"]').content
+            "X-CSRF-Token": document.querySelector('meta[name="csrf-token"]').content
         }},
         ajaxDeleteSettings: {},
         showAjaxErrorDetails: true,
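Review bot: The changed `ajaxSettings` line dereferences `document.querySelector('meta[name="csrf-token"]')` without a null check, so on a page that loads the plugin without that meta tag it would throw a TypeError when the defaults object is evaluated. Looking the element up first and adding the header only when it exists keeps the plugin usable there, e.g. `var m = document.querySelector('meta[name="csrf-token"]');` and then `headers: m ? { "X-CSRF-Token": m.content } : {}`. `ajaxDeleteSettings` stays `{}` in this hunk, so it is worth confirming that delete requests issued by the plugin get the token some other way. The page shows no diff for fileinput.min.js, so also confirm the minified build carries the same rename; the defaults object starts and ends outside the hunk.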

File diff ditekan karena terlalu besar
+ 0 - 0
ruoyi-admin/src/main/resources/static/ajax/libs/bootstrap-fileinput/fileinput.min.js


+ 1 - 1
ruoyi-admin/src/main/resources/static/ruoyi/js/common.js

@@ -576,7 +576,7 @@ $.ajaxSetup({
     beforeSend: function (xhr, settings) {
         var csrftoken = $('meta[name=csrf-token]').attr('content')
         if (($.common.equalsIgnoreCase(settings.type, "POST"))) {
-            xhr.setRequestHeader("csrf_token", csrftoken)
+            xhr.setRequestHeader("X-CSRF-Token", csrftoken)
         }
     },
     complete: function(XMLHttpRequest, textStatus) {
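Review bot: The global `beforeSend` attaches the token to every POST made through `$.ajax`, including a request to another origin, which would disclose the session's CSRF token to that host. jQuery exposes `settings.crossDomain` for this, so the condition can become `if (!settings.crossDomain && $.common.equalsIgnoreCase(settings.type, "POST")) {`. The check also covers POST only; if the server-side filter validates other state-changing methods (not visible here), PUT and DELETE requests would need the header as well. The `$.ajaxSetup` call starts and ends outside the hunk.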

+ 4 - 4
ruoyi-admin/src/main/resources/static/ruoyi/js/ry-ui.js

@@ -1053,7 +1053,7 @@ var table = {
                     beforeSend: function (xhr, settings) {
                         var csrftoken = $('meta[name=csrf-token]').attr('content');
                         if ($.common.equalsIgnoreCase(settings.type, "POST")) {
-                            xhr.setRequestHeader("csrf_token", csrftoken);
+                            xhr.setRequestHeader("X-CSRF-Token", csrftoken);
                         }
                         $.modal.loading("正在处理中,请稍候...");
                     },
@@ -1237,7 +1237,7 @@ var table = {
                     beforeSend: function (xhr, settings) {
                         var csrftoken = $('meta[name=csrf-token]').attr('content');
                         if (($.common.equalsIgnoreCase(settings.type, "POST"))) {
-                            xhr.setRequestHeader("csrf_token", csrftoken);
+                            xhr.setRequestHeader("X-CSRF-Token", csrftoken);
                         }
                         $.modal.loading("正在处理中,请稍候...");
                         $.modal.disable();
@@ -1261,7 +1261,7 @@ var table = {
                     beforeSend: function (xhr, settings) {
                         var csrftoken = $('meta[name=csrf-token]').attr('content');
                         if (($.common.equalsIgnoreCase(settings.type, "POST"))) {
-                            xhr.setRequestHeader("csrf_token", csrftoken);
+                            xhr.setRequestHeader("X-CSRF-Token", csrftoken);
                         }
                         $.modal.loading("正在处理中,请稍候...");
                     },
@@ -1291,7 +1291,7 @@ var table = {
                     beforeSend: function (xhr, settings) {
                         var csrftoken = $('meta[name=csrf-token]').attr('content');
                         if (($.common.equalsIgnoreCase(settings.type, "POST"))) {
-                            xhr.setRequestHeader("csrf_token", csrftoken);
+                            xhr.setRequestHeader("X-CSRF-Token", csrftoken);
                         }
                         $.modal.loading("正在处理中,请稍候...");
                     },
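Review bot: The same token lookup and `setRequestHeader("X-CSRF-Token", csrftoken)` call is repeated in all four hunks of this file and again in lock.html, which is why this rename had to touch every copy. A per-call `beforeSend` replaces the one registered through `$.ajaxSetup` in common.js, so each copy is needed as written, but moving the body into one shared function (for instance a new `$.common.csrfHeader(xhr, settings)`, a name proposed here rather than an existing API) would leave a single place that knows the header name. None of the copies checks that the meta tag was found, so a page without it would likely send the header with the text `undefined`; the shared function could skip the header when `csrftoken` is empty. Each `beforeSend` sits inside an options object that begins outside its hunk.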

+ 1 - 1
ruoyi-admin/src/main/resources/templates/lock.html

@@ -97,7 +97,7 @@
             data: { password: password },
             beforeSend: function(xhr) {
             	var csrftoken = $('meta[name=csrf-token]').attr('content');
-                xhr.setRequestHeader("csrf_token", csrftoken);
+                xhr.setRequestHeader("X-CSRF-Token", csrftoken);
             	index = layer.load(2, {shade: false});
             },
             success: function(result) {

+ 6 - 1
ruoyi-common/src/main/java/com/ruoyi/common/constant/ShiroConstants.java

@@ -33,10 +33,15 @@ public class ShiroConstants
     public static final String ERROR = "errorMsg";
 
     /**
-     * csrf key
+     * csrf meta content
      */
     public static final String CSRF_TOKEN = "csrf_token";
 
+    /**
+     * csrf request header
+     */
+    public static final String X_CSRF_TOKEN = "X-CSRF-Token";
+
     /**
      * 当前在线会话
      */
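Review bot: The Javadoc on the new `X_CSRF_TOKEN` constant does not say why a second name exists next to `CSRF_TOKEN`, which is what a later maintainer will need to know. I would expand it to something like `csrf request header; hyphenated because nginx drops header names containing underscores unless underscores_in_headers is on, and must match the literal set in common.js, ry-ui.js, lock.html and fileinput.js`. The comment on `CSRF_TOKEN` now reads `csrf meta content`; if that constant is also the key under which the token is stored on the server (not visible in this hunk), the comment should say so. The class body continues outside the hunk.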

+ 1 - 1
ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/web/filter/csrf/CsrfValidateFilter.java

@@ -37,7 +37,7 @@ public class CsrfValidateFilter extends AccessControlFilter
         {
             return true;
         }
-        return validateResponse(httpServletRequest, httpServletRequest.getHeader(ShiroConstants.CSRF_TOKEN));
+        return validateResponse(httpServletRequest, httpServletRequest.getHeader(ShiroConstants.X_CSRF_TOKEN));
     }
 
     public boolean validateResponse(HttpServletRequest request, String requestToken)
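Review bot: After this change the filter reads only `X-CSRF-Token`, so a browser still holding a cached copy of the old scripts (common.js, ry-ui.js, fileinput.min.js) will send `csrf_token` and would presumably fail validation on every POST until its cache is refreshed. Either the static asset URLs need a version bump with this release, or the filter can accept the old name for a transition period: `String token = httpServletRequest.getHeader(ShiroConstants.X_CSRF_TOKEN);` followed by `if (token == null) { token = httpServletRequest.getHeader(ShiroConstants.CSRF_TOKEN); }`. `getHeader` returns null when the header is absent and the body of `validateResponse` is not visible here, so confirm it rejects a null `requestToken` rather than throwing. The method this line belongs to starts outside the hunk.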

Beberapa file tidak ditampilkan karena terlalu banyak file yang berubah dalam diff ini