15 Additional Spring Security Features

In this chapter, we will explore several additional Spring Security features that we have not covered so far in this book, including the following topics:

Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
Synchronizer token pattern
Clickjacking
Testing Spring Security Applications
Reactive Applications support

We will understand how to include various HTTP headers to protect against common security vulnerabilities, using the following methods:

Cache-Control
Content-Type Options
HTTP Strict Transport Security (HSTS)
X-Frame-Options
X-XSS-Protection

Before you read this chapter, you should already understand how Spring Security works. This means you should already be able to set up authentication ...

Get Spring Security - Fourth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring Security - Fourth Edition by Badr Nasslahsen

15

Additional Spring Security Features

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly