请访问:https://docs.spring.io/spring-security/reference/5.8.12/servlet/exploits/headers.html Spring Security Servlet Applications Protection Against Exploits Security HTTP Response Headers Cross Site Request Forgery (CSRF) for Servlet Environments HTTP