org.springframework.security.web.server.csrf (spring-security-docs 6.0.0-M4 API)

package org.springframework.security.web.server.csrf

Related Packages

Package

Description

org.springframework.security.web.server
Class

Description

CookieServerCsrfTokenRepository

A ServerCsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS.

CsrfException

Thrown when an invalid or missing CsrfToken is found in the HttpServletRequest

CsrfServerLogoutHandler

CsrfServerLogoutHandler is in charge of removing the CsrfToken upon logout.

CsrfToken

CsrfWebFilter

Applies CSRF protection using a synchronizer token pattern.

DefaultCsrfToken

A CSRF token that is used to protect against CSRF attacks.

ServerCsrfTokenRepository

An API to allow changing the method in which the expected CsrfToken is associated to the ServerWebExchange.

WebSessionServerCsrfTokenRepository

A ServerCsrfTokenRepository that stores the CsrfToken in the HttpSession.