AnsweredAssumed Answered

Ajax call inside JSP

Question asked by anlu on Apr 5, 2017
Latest reply on Apr 6, 2017 by pxslip


I am currently trying to do an Ajax call inside my JSP in order to run a method in my spring controller, but i ran into some issues.


Long story: I need to run a method when the user presses a submit button in a list of items. What i tried to achieve was that when the user presses submit a method is ran in the background and data is updated (but the user should not leave the page they are on and the page should not reload) I tried just making a regular java method but i needed to Autowire my DAO class so i put the method in my controller and thus i call it using a RequestMapping Url (method = POST). Realizing that i need Ajax to do the request to the method in my controller in order for the user to stay on page i implemented this:


<script src="//"></script>  
<script>var $j = jQuery.noConflict();</script>


<script type="text/javascript"> 
 (function($j) {  
  $j(document).ready(function() {  
     type: 'POST',  
     url: $j(this).attr('value'),  
     data: "",  
     success: function(config) {  


And the "$j(this).attr('value')" comes from the submit button(not the most elegant way of doing the url transfer but i need it to work before caring about details):

<input type="button" value="../review/submitScore?course_id=${assessment.getCourseId()}&assessment_id=${assessment.getPropertyId()}&content_id=${ctx.getContentId()}" />

cess: function(config)

To make it clear: I do NOT need ajax or jQuery for anything else in the application or JSP, but it was the only solution i found that solved my issue (which is simply doing a "dataUpdate" on some data when a user press submit) so if anyone has better solutions that is also welcome.


My problem:

When running the code shown above i get a 404 i the browser and the log output for the module says: This request is not associated with a valid session.


In the bb-security-log it says:
evt_name=request authenticity violated , and msg=Invalid cross-site request forgery nonce for request authenticity and exception thrown. May be an indicator of a cross-site request forgery attack.


Part of the Controller method:


@RequestMapping(value = "/review/submitScore", method = RequestMethod.POST)
  @ResponseStatus(value = HttpStatus.OK)
  private void submitScore(HttpServletRequest request, HttpServletResponse response,
  @RequestParam("assessment_id") int assessment_id,
  @RequestParam("course_id") String course_id,
  @RequestParam("content_id") String content_id