Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 20:42:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix csrf:token-repository-ref XSD documentation

Browse Source 
The documentation of the token-repository-ref attribute of the csrf
element in the schema has been updated to make clear the default
repository is lazy. Targets versions 4.2, 5.0 and 5.1.

Fixes gh-6037
This commit is contained in:
Erik van Paassen 2018-11-02 11:25:25 +01:00 committed by Rob Winch
parent 73022059d4
commit a557a324c0
6 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/src/main/resources/org/springframework/security/config/spring-security-4.2.rnc
View File

@ -748,7 +748,7 @@ csrf-options.attlist &=
## The RequestMatcher instance to be used to determine if CSRF should be applied. Default is any HTTP method except "GET", "TRACE", "HEAD", "OPTIONS"
attribute request-matcher-ref { xsd:token }?
csrf-options.attlist &=
## The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository
## The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository wrapped by LazyCsrfTokenRepository.
attribute token-repository-ref { xsd:token }?
headers =

3
config/src/main/resources/org/springframework/security/config/spring-security-4.2.xsd
View File

@ -2337,7 +2337,8 @@
</xs:attribute>
<xs:attribute name="token-repository-ref" type="xs:token">
<xs:annotation>
<xs:documentation>The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository
<xs:documentation>The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository wrapped by
LazyCsrfTokenRepository.
</xs:documentation>
</xs:annotation>
</xs:attribute>

2
config/src/main/resources/org/springframework/security/config/spring-security-5.0.rnc
View File

@ -738,7 +738,7 @@ csrf-options.attlist &=
## The RequestMatcher instance to be used to determine if CSRF should be applied. Default is any HTTP method except "GET", "TRACE", "HEAD", "OPTIONS"
attribute request-matcher-ref { xsd:token }?
csrf-options.attlist &=
## The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository
## The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository wrapped by LazyCsrfTokenRepository.
attribute token-repository-ref { xsd:token }?
headers =

3
config/src/main/resources/org/springframework/security/config/spring-security-5.0.xsd
View File

@ -2232,7 +2232,8 @@
</xs:attribute>
<xs:attribute name="token-repository-ref" type="xs:token">
<xs:annotation>
<xs:documentation>The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository
<xs:documentation>The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository wrapped by
LazyCsrfTokenRepository.
</xs:documentation>
</xs:annotation>
</xs:attribute>

2
config/src/main/resources/org/springframework/security/config/spring-security-5.1.rnc
View File

@ -738,7 +738,7 @@ csrf-options.attlist &=
## The RequestMatcher instance to be used to determine if CSRF should be applied. Default is any HTTP method except "GET", "TRACE", "HEAD", "OPTIONS"
attribute request-matcher-ref { xsd:token }?
csrf-options.attlist &=
## The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository
## The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository wrapped by LazyCsrfTokenRepository.
attribute token-repository-ref { xsd:token }?
headers =

3
config/src/main/resources/org/springframework/security/config/spring-security-5.1.xsd
View File

@ -2232,7 +2232,8 @@
</xs:attribute>
<xs:attribute name="token-repository-ref" type="xs:token">
<xs:annotation>
<xs:documentation>The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository
<xs:documentation>The CsrfTokenRepository to use. The default is HttpSessionCsrfTokenRepository wrapped by
LazyCsrfTokenRepository.
</xs:documentation>
</xs:annotation>
</xs:attribute>