请访问:https://docs.spring.io/spring-security/reference/5.8-SNAPSHOT/servlet/exploits/headers.html Spring Security Servlet Applications Protection Against Exploits Security HTTP Response Headers Cross Site Request Forgery (CSRF) for Servlet Environments HTTP