Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '5.8.x'

Browse Source 
# Conflicts:
#	config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
#	config/src/test/resources/org/springframework/security/config/http/DeferHttpSessionTests-Explicit.xml
#	web/src/main/java/org/springframework/security/web/csrf/CsrfFilter.java
This commit is contained in:
Steve Riesenberg
2022-09-06 11:51:55 -05:00
parent e17989d92d 86fbb8db07
commit ed41a60aae
17 changed files with 566 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/modules/ROOT/pages/servlet/appendix/namespace/http.adoc
+7 -4
View File
@@ -774,10 +774,13 @@ It is highly recommended to leave CSRF protection enabled.
The CsrfTokenRepository to use.
The default is `HttpSessionCsrfTokenRepository`.
[[nsa-csrf-request-attribute-name]]
* **request-attribute-name**
Optional attribute that specifies the request attribute name to set the `CsrfToken` on.
The default is `CsrfToken.parameterName`.
[[nsa-csrf-request-attribute-handler-ref]]
* **request-attribute-handler-ref**
The optional `CsrfTokenRequestAttributeHandler` to use. The default is `CsrfTokenRequestProcessor`.
[[nsa-csrf-request-resolver-ref]]
* **request-resolver-ref**
The optional `CsrfTokenRequestResolver` to use. The default is `CsrfTokenRequestProcessor`.
[[nsa-csrf-request-matcher-ref]]
* **request-matcher-ref**