We had a scenario while building a form on Java DXA 1.7 and tried to have it submit via POST, not GET. We had the form working perfectly via GET, but when we changed the method to POST the response was a 403 Forbidden. We poked in many directions, such as directory security settings and web.xml configs. In the end it was the CSRF configuration built into DXA that was the answer…
Trick to Submitting a POST Request with Java DXA 1.7
6