-
Notifications
You must be signed in to change notification settings - Fork 0
Spring Boot CSRF config for the UI
Paul Sterl edited this page Jan 19, 2025
·
1 revision
Axios should work with the following spring config out of the box with csrf:
@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.httpBasic(org.springframework.security.config.Customizer.withDefaults())
.csrf(c ->
c.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler())
);
return http.build();
}more informations: https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html