请访问:https://docs.spring.io/spring-security/reference/5.8-SNAPSHOT/servlet/exploits/csrf.html Spring Security Servlet Applications Protection Against Exploits Cross Site Request Forgery (CSRF) for Servlet Environments Protection Against Exploits Security HTTP Response Headers