一个简单的登录，POST表单提交时报错，403 bad or missing token！_bad or missing security token

<form id="formInput" action="check.jhtml" method="POST">
 
    <div class="main"  style="margin-top:100px;">
    	<label class="errorLabel" style="color: red;padding-left:14.5%; padding-top:20px">[#if error != null]${error}[/#if]</label>
	    <div class="container">
	    	<div class="form-group">
		        <input type="text" placeholder="输入用户名" id="username" name="username" maxlength="20">
		        <label for="username" id="errorName" class="errorLabel" style="color: red;"></label>
		    </div>
		    <div class="form-group">
		        <input type="password" placeholder="输入密码" id="password"  name="password" maxlength="11">
		        <label for="password" id="errorPsw" class="errorLabel" style="color: red;"></label>
		    </div>
		    <div class="submit-group">
		        <button id="btnSumbit">登录</button>
		    </div>
	    </div> 
    </div>
  </div>
 
</form>
 
<script type="text/javascript">
		var $username = $("#username");
	    var $password = $("#password");
	    var $errorName = $("#errorName");
	    var $errorPsw = $("#errorPsw");
	    
		//提交时，验证用户密码是否正确
		$("#formInput").submit(function(){
			if($username.val() == ""){
				$errorName.text("登录名不能为空!");
				return false;
			}if($password.val() == ""){
				$errorPsw.text("密码不能为空!");
				return false;
			}
				return true;
		});	
</script>

经过不断排查，发现并不是网上说的加上<meta http-equiv="content-type" content="text/html; charset=utf-8" />就可以了，

而是页面中少引用了两个js文件：

<script type="text/javascript" src="/js/jquery-1.9.1.js"></script>
<script type="text/javascript" src="/js/common.js"></script>