CSRF doc issue spring-security 6.0.x #13910
Assignees
Labels
Comments
JurrianFahner
added
status: waiting-for-triage
sjohnr
added
in: docs
|
Thanks for the feedback @JurrianFahner! I discussed this with the team and we agreed that this should be backported to 6.0 documentation. This will appear with the next patch release on Monday. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Recently I was upgrading a spring-boot app from 2.x to 3.x. This app has also a dependency on spring-cloud, so I'm not able to upgrade to spring-boot 6.1.x.
I ran into an issue with CSRF and I was clueless how to solve it, the documentation of 6.0.x. made it clear that there were changes due to the BREACH vulnerability. Today I was able to solve it by applying the documentation for 6.1.x to my problem and it was fixed.
It would be very beneficial for other users that the 6.1.x documentation for CSRF can be applied to the 6.0.x branch as well.
Even better would be to add this section to 6.0.x. Maybe all of CSRF is applicable to 6.0.x, I didn't analyze the changes between 6.0.x and 6.1.x to check whether it would be a complete fit.
The text was updated successfully, but these errors were encountered: