Admin Dashbaord UI and CSRF

Axios should work with the following spring config out of the box with csrf:

Maven Setup

<dependency>
    <groupId>org.sterl.spring</groupId>
    <artifactId>spring-persistent-tasks-ui</artifactId>
    <version>${spt.version}</version>
</dependency>

Spring setup

@SpringBootApplication
@EnableSpringPersistentTasks
@EnableSpringPersistentTasksUI
public class XYApplication

Spring Boot CSRF config for the UI

@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    http
        .httpBasic(org.springframework.security.config.Customizer.withDefaults())
        .csrf(c ->
            c.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
             .csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler())
        );
    return http.build();
}

more informations: https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Admin Dashbaord UI and CSRF

Maven Setup

Spring setup

Spring Boot CSRF config for the UI

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally