Skip to content

Clarify in Javadoc that .csrf() enables CSRF protection #9489

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
eleftherias opened this issue Mar 5, 2021 · 0 comments
Closed

Clarify in Javadoc that .csrf() enables CSRF protection #9489

eleftherias opened this issue Mar 5, 2021 · 0 comments
Assignees
@eleftherias
Labels
in: docs An issue in Documentation or samples type: enhancement A general enhancement
Milestone
5.5.0-M3

Comments

@eleftherias
Copy link
Contributor

In the HttpSecurity#csrf() Javadoc, we should explicitly mention that this method enables CSRF protection.

It may be unclear to users whether calling .csrf() enables CSRF protection or allows CSRF attacks to happen.
@eleftherias eleftherias added in: docs An issue in Documentation or samples type: enhancement A general enhancement labels Mar 5, 2021
@eleftherias eleftherias added this to the 5.5.0-M3 milestone Mar 5, 2021
@eleftherias eleftherias self-assigned this Mar 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eleftherias eleftherias

Labels
in: docs An issue in Documentation or samples type: enhancement A general enhancement
Projects
None yet
Milestone
5.5.0-M3
Development

No branches or pull requests
1 participant
@eleftherias