spring-security/docs/modules/ROOT/pages/reactive/test/web/csrf.adoc

= Testing with CSRF

Spring Security also provides support for CSRF testing with `WebTestClient` -- for example:

====
.Java
[source,java,role="primary"]
----
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf;

this.rest
	// provide a valid CSRF token
	.mutateWith(csrf())
	.post()
	.uri("/login")
	...
----

.Kotlin
[source,kotlin,role="secondary"]
----
import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf

this.rest
    // provide a valid CSRF token
    .mutateWith(csrf())
    .post()
    .uri("/login")
    ...
----
====
Separate Testing Reactive Docs Issue gh-10367 2021-10-29 10:09:04 -06:00			`= Testing with CSRF`

Merge Clean up Reference Documentation Closes gh-9668 2021-12-13 16:57:36 -06:00			Spring Security also provides support for CSRF testing with `WebTestClient` -- for example:
Separate Testing Reactive Docs Issue gh-10367 2021-10-29 10:09:04 -06:00
			`====`
			`.Java`
			`[source,java,role="primary"]`
			`----`
Add static imports to code snippets Closes gh-6597 2023-04-11 09:56:19 -03:00			`import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf;`

Separate Testing Reactive Docs Issue gh-10367 2021-10-29 10:09:04 -06:00			`this.rest`
			`// provide a valid CSRF token`
			`.mutateWith(csrf())`
			`.post()`
			`.uri("/login")`
			`...`
			`----`

			`.Kotlin`
			`[source,kotlin,role="secondary"]`
			`----`
Add static imports to code snippets Closes gh-6597 2023-04-11 09:56:19 -03:00			`import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf`

Separate Testing Reactive Docs Issue gh-10367 2021-10-29 10:09:04 -06:00			`this.rest`
			`// provide a valid CSRF token`
			`.mutateWith(csrf())`
			`.post()`
			`.uri("/login")`
			`...`
			`----`
			`====`