Remove additional attribute name from CsrfWebFilter

Fixes gh-4799
2025-05-31 09:12:14 +00:00 · 2017-11-07 21:03:09 -06:00 · 2017-11-07 21:03:09 -06:00 · 3f18881493
commit 3f18881493
parent 91e27c1422
2 changed files with 0 additions and 14 deletions
--- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@ -387,12 +387,6 @@ public class ServerHttpSecurity {
 			return this;
 		}

-		public CsrfBuilder csrfTokenAttributeName(String csrfTokenAttributeName) {
-			Assert.notNull(csrfTokenAttributeName, "csrfTokenAttributeName cannot be null");
-			this.filter.setCsrfTokenAttributeName(csrfTokenAttributeName);
-			return this;
-		}
-
 		public CsrfBuilder serverCsrfTokenRepository(
 			ServerCsrfTokenRepository serverCsrfTokenRepository) {
 			this.filter.setServerCsrfTokenRepository(serverCsrfTokenRepository);
--- a/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
@ -59,19 +59,12 @@ public class CsrfWebFilter implements WebFilter {

 	private ServerAccessDeniedHandler serverAccessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN);

-	private String csrfTokenAttributeName = "csrf";
-
 	public void setServerAccessDeniedHandler(
 		ServerAccessDeniedHandler serverAccessDeniedHandler) {
 		Assert.notNull(serverAccessDeniedHandler, "serverAccessDeniedHandler");
 		this.serverAccessDeniedHandler = serverAccessDeniedHandler;
 	}

-	public void setCsrfTokenAttributeName(String csrfTokenAttributeName) {
-		Assert.notNull(csrfTokenAttributeName, "csrfTokenAttributeName cannot be null");
-		this.csrfTokenAttributeName = csrfTokenAttributeName;
-	}
-
 	public void setServerCsrfTokenRepository(
 		ServerCsrfTokenRepository serverCsrfTokenRepository) {
 		Assert.notNull(serverCsrfTokenRepository, "serverCsrfTokenRepository cannot be null");
@ -113,7 +106,6 @@ public class CsrfWebFilter implements WebFilter {
 	private Mono<Void> continueFilterChain(ServerWebExchange exchange, WebFilterChain chain) {
 		return csrfToken(exchange)
 			.doOnSuccess(csrfToken -> exchange.getAttributes().put(CsrfToken.class.getName(), csrfToken))
-			.doOnSuccess(csrfToken -> exchange.getAttributes().put(this.csrfTokenAttributeName, csrfToken))
 			.flatMap( t -> chain.filter(exchange))
 			.then();
 	}