Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-2466: CSRF MutipartFilter doc now uses <url-pattern>

This commit is contained in:
Rob Winch 2014-01-28 16:51:05 -06:00
parent a99c6db327
commit 4c84805ac9
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/manual/src/asciidoc/index.adoc
View File

@ -3244,7 +3244,7 @@ There are two options to using CSRF protection with multipart/form-data. Each op
[NOTE]
====
More information about using multipart forms with Spring can be found within the http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html#mvc-multipart[17.10 Spring's multipart (file upload) support] section of the Spring reference.
Before you integrate Spring Security's CSRF protection with multipart file upload, ensure that you can upload without the CSRF protection first. More information about using multipart forms with Spring can be found within the http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html#mvc-multipart[17.10 Spring's multipart (file upload) support] section of the Spring reference.
====
[[csrf-multipartfilter]]
@ -3278,13 +3278,12 @@ To ensure `MultipartFilter` is specified before the Spring Security filter with
</filter>
<filter-mapping>
<filter-name>MultipartFilter</filter-name>
<servlet-name>/*</servlet-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
----
[[csrf-include-csrf-token-in-action]]