Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 01:02:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adjusts setRequestHandler javadoc in CsrfWebFilter

Browse Source 
Adjusts setRequestHandler method javadoc in CsrfWebFilter class to reflect changes in 6.0.

In 6.0, the default ServerCsrfTokenRequestHandler changed to XorServerCsrfTokenRequestAttributeHandler, however, the javadoc for the setRequestHandler method still said it was ServerCsrfTokenRequestAttributeHandler.

This change adjusts the information to make it more accurate, because, although XorServerCsrfTokenRequestAttributeHandler is a subclass of ServerCsrfTokenRequestAttributeHandler, the behavior is quite different.

Closes gh-12465
This commit is contained in:
Wellington Domiciano 2022-12-25 19:23:23 -03:00 committed by Josh Cummings
parent 9c0a35a6f6
commit 27b3f4d403
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
View File

@ -104,7 +104,7 @@ public class CsrfWebFilter implements WebFilter {
* Specifies a {@link ServerCsrfTokenRequestHandler} that is used to make the
* {@code CsrfToken} available as an exchange attribute.
* <p>
* The default is {@link ServerCsrfTokenRequestAttributeHandler}.
* The default is {@link XorServerCsrfTokenRequestAttributeHandler}.
* @param requestHandler the {@link ServerCsrfTokenRequestHandler} to use
* @since 5.8
*/