9 Configuring CSRF protection
This chapter covers
- Understanding CSRF attacks
- Implementing CSRF protection
- Customizing CSRF protection
You have learned about the filter chain and its purpose in the Spring Security architecture. We worked on several examples in chapter 5, where we customized the filter chain. But Spring Security also adds its own filters to the chain. This chapter discusses the filter that configures CSRF (cross-site request forgery) protection. You’ll learn to customize the filters so that they fit your scenarios.
You have probably observed that in most of the examples up to now, we only implemented our endpoints with HTTP GET. Moreover, when we needed to configure HTTP POST, we also had to add a supplementary instruction ...