Interface | Description |
---|---|
CsrfToken | |
ServerCsrfTokenRepository |
An API to allow changing the method in which the expected
CsrfToken is
associated to the ServerWebExchange . |
Class | Description |
---|---|
CookieServerCsrfTokenRepository |
A
ServerCsrfTokenRepository that persists the CSRF token in a cookie named
"XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of
AngularJS. |
CsrfServerLogoutHandler |
CsrfServerLogoutHandler is in charge of removing the CsrfToken upon
logout. |
CsrfWebFilter |
Applies
CSRF
protection using a synchronizer token pattern.
|
DefaultCsrfToken |
A CSRF token that is used to protect against CSRF attacks.
|
WebSessionServerCsrfTokenRepository |
Exception | Description |
---|---|
CsrfException |
Thrown when an invalid or missing
CsrfToken is found in the HttpServletRequest |