Hi,

We want to avoid multi-request sent via Ajax in struts 2 web based application.

The `s:token` can be used in regular request-response jsp pages, but it will 
not work for ajax requests. The problem is the returned respond, which does not 
populate new value for struts token.

I found this issue at 
http://stackoverflow.com/questions/13353577/howto-do-csrf-protection-in-struts2-application-for-ajax-requests
 but I wonder if there is any better way for that? (I think this is a very 
common issue which must have been managed in struts)

 
~Regards,
~~Alireza Fattahi

Reply via email to