| Interface | Description |
|---|---|
| CsrfToken | |
| ServerCsrfTokenRepository |
An API to allow changing the method in which the expected
CsrfToken is
associated to the ServerWebExchange. |
| Class | Description |
|---|---|
| CookieServerCsrfTokenRepository |
A
ServerCsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and
reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS. |
| CsrfServerLogoutHandler |
CsrfServerLogoutHandler is in charge of removing the CsrfToken upon logout. |
| CsrfWebFilter |
Applies
CSRF
protection using a synchronizer token pattern.
|
| DefaultCsrfToken |
A CSRF token that is used to protect against CSRF attacks.
|
| WebSessionServerCsrfTokenRepository |
| Exception | Description |
|---|---|
| CsrfException |
Thrown when an invalid or missing
CsrfToken is found in the HttpServletRequest |