From 41e3aeb246aadf359fbe78c675cc9d7cf21a154b Mon Sep 17 00:00:00 2001
From: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
Date: Fri, 27 Feb 2026 16:12:43 +0700
Subject: [PATCH] Use `site-url` for reference link

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
---
 docs/modules/ROOT/pages/index.adoc                          | 2 +-
 docs/modules/ROOT/pages/migration/index.adoc                | 3 +--
 docs/modules/ROOT/pages/servlet/exploits/csrf.adoc          | 2 +-
 docs/modules/ROOT/pages/servlet/integrations/websocket.adoc | 6 +++---
 4 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/docs/modules/ROOT/pages/index.adoc b/docs/modules/ROOT/pages/index.adoc
index f5f4a631ed..c0c73c30c9 100644
--- a/docs/modules/ROOT/pages/index.adoc
+++ b/docs/modules/ROOT/pages/index.adoc
@@ -2,7 +2,7 @@
 
 [NOTE]
 ====
-Spring Security's documentation can be https://docs.spring.io/spring-security/reference/spring-security-docs.zip[downloaded] as a zip file.
+Spring Security's documentation can be {site-url}/spring-security-docs.zip[downloaded] as a zip file.
 ====
 
 Spring Security is a framework that provides xref:features/authentication/index.adoc[authentication], xref:features/authorization/index.adoc[authorization], and xref:features/exploits/index.adoc[protection against common attacks].
diff --git a/docs/modules/ROOT/pages/migration/index.adoc b/docs/modules/ROOT/pages/migration/index.adoc
index cbc537a071..4e5753e83d 100644
--- a/docs/modules/ROOT/pages/migration/index.adoc
+++ b/docs/modules/ROOT/pages/migration/index.adoc
@@ -1,10 +1,9 @@
 [[migration]]
 = Migrating to 7.0
-:spring-security-reference-base-url: https://docs.spring.io/spring-security/reference
 
 Spring Security 6.5 is the last release in the 6.x generation of Spring Security.
 It provides strategies for configuring breaking changes to use the 7.0 way before updating.
-We recommend you use 6.5 and {spring-security-reference-base-url}/6.5/migration-7/index.html[its preparation steps] to simplify updating to 7.0.
+We recommend you use 6.5 and {site-url}/6.5/migration-7/index.html[its preparation steps] to simplify updating to 7.0.
 
 After updating to 6.5, follow this guide to perform any remaining migration or cleanup steps.
 
diff --git a/docs/modules/ROOT/pages/servlet/exploits/csrf.adoc b/docs/modules/ROOT/pages/servlet/exploits/csrf.adoc
index 842a766d3d..c21132f092 100644
--- a/docs/modules/ROOT/pages/servlet/exploits/csrf.adoc
+++ b/docs/modules/ROOT/pages/servlet/exploits/csrf.adoc
@@ -116,7 +116,7 @@ The following is an overview of the aspects of CSRF protection that have changed
 The changes in Spring Security 6 require additional configuration for single-page applications, and as such you may find the <<csrf-integration-javascript-spa>> section particularly useful.
 ====
 
-See the https://docs.spring.io/spring-security/reference/5.8/migration/servlet/exploits.html[Exploit Protection] section of the https://docs.spring.io/spring-security/reference/5.8/migration/index.html[Migration] chapter for more information on migrating a Spring Security 5 application.
+See the {site-url}/5.8/migration/servlet/exploits.html[Exploit Protection] section of the {site-url}/5.8/migration/index.html[Migration] chapter for more information on migrating a Spring Security 5 application.
 
 [[csrf-token-repository]]
 == Persisting the `CsrfToken`
diff --git a/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc b/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc
index 575a0e4347..d732a15d2c 100644
--- a/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc
+++ b/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc
@@ -44,7 +44,7 @@ public class WebSocketSecurityConfig {
     @Bean
     AuthorizationManager<Message<?>> messageAuthorizationManager(MessageMatcherDelegatingAuthorizationManager.Builder messages) {
         messages
-                .simpDestMatchers("/user/**").hasRole("USER") // <3>
+                .simpDestMatchers("/user/**").hasRole("USER"); // <3>
 
         return messages.build();
     }
@@ -646,7 +646,7 @@ public class WebSecurityConfig {
             )
             .authorizeHttpRequests((authorize) -> authorize
                 ...
-            )
+            );
             ...
     }
 }
@@ -711,4 +711,4 @@ If we use XML-based configuration, we can use thexref:servlet/appendix/namespace
 == Legacy WebSocket Configuration
 
 `AbstractSecurityWebSocketMessageBrokerConfigurer` and `MessageSecurityMetadataSourceRegistry` are removed as of Spring Security 7.
-Please see https://docs.spring.io/spring-security/reference/5.8/migration/servlet/authorization.html#_use_authorizationmanager_for_message_security[the 5.8 migration guide] for guidance.
+Please see {site-url}/5.8/migration/servlet/authorization.html#_use_authorizationmanager_for_message_security[the 5.8 migration guide] for guidance.