Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CsrfTokenRequestAttributeHandler documentation should reflect that default is XorCsrfTokenRequestAttributeHandler #12651

Closed
mdadoua opened this issue Feb 9, 2023 · 2 comments
Closed

CsrfTokenRequestAttributeHandler documentation should reflect that default is XorCsrfTokenRequestAttributeHandler #12651

mdadoua opened this issue Feb 9, 2023 · 2 comments
Assignees
@sjohnr
Labels
in: docs An issue in Documentation or samples type: enhancement A general enhancement
Milestone
6.0.2

Comments

@mdadoua
Copy link

mdadoua commented Feb 9, 2023

Hello,

The documentation for "Configuring CsrfTokenRequestAttributeHandler" here (github link here) currently says that the default implementation is CsrfTokenRequestAttributeHandler (i.e. the one before Spring Security 6.x).

Unless I'm mistaken, I believe the new default is XorCsrfTokenRequestAttributeHandler which seems to be the case since gh-11960.
@mdadoua mdadoua added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Feb 9, 2023
@sjohnr sjohnr self-assigned this Feb 14, 2023
@GijsCalis
Copy link

This should also get mentioned in the migration guide to Spring Security 6.x as this is a breaking change for at least applications using Angular.

@sjohnr
Copy link
Member

sjohnr commented Feb 15, 2023

Thanks @mdadoua! I'll look into this, as I thought I had made this update but evidently forgot to do so. If you're interested in submitting a PR, let me know!

@GijsCalis, note that the 6.0 migration guide mentions following steps in the 5.8 migration guide first. Check out I am using AngularJS or another Javascript framework in the 5.8 migration guide.

@sjohnr sjohnr added in: docs An issue in Documentation or samples and removed status: waiting-for-triage An issue we've not yet triaged labels Feb 15, 2023
@sjohnr sjohnr mentioned this issue Feb 16, 2023
Closed
@sjohnr sjohnr closed this as completed in c4f68d8 Feb 16, 2023
@sjohnr sjohnr added this to the 6.0.2 milestone Feb 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sjohnr sjohnr

Labels
in: docs An issue in Documentation or samples type: enhancement A general enhancement
Projects
None yet
Milestone
6.0.2
Development

No branches or pull requests
3 participants
@sjohnr @GijsCalis @mdadoua