
Add reactive HTTP exploit samples

Issue gh-8172
Eleftheria Stein 5 jaren geleden
bovenliggende
commit
f26387a4b7
1 gewijzigde bestanden met toevoegingen van 32 en 2 verwijderingen
  1. 32 2
      docs/manual/src/docs/asciidoc/_includes/reactive/exploits/http.adoc

+ 32 - 2
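--- a/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/http.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/exploits/http.adoc
@@ -14,7 +14,8 @@ For example, the following Java configuration will redirect any HTTP requests to
 
 .Redirect to HTTPS
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
@@ -24,6 +25,18 @@ SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	return http.build();
 }
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@Bean
+fun springSecurityFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
+    return http {
+        // ...
+        redirectToHttps { }
+    }
+}
+----
 ====
 
 The configuration can easily be wrapped around an if statement to only be turned on in production.
@@ -32,7 +45,8 @@ For example, if the production environment adds a header named `X-Forwarded-Prot
 
 .Redirect to HTTPS when X-Forwarded
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
@@ -44,6 +58,22 @@ SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	return http.build();
 }
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@Bean
+fun springSecurityFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
+    return http {
+        // ...
+        redirectToHttps {
+            httpsRedirectWhen {
+                it.request.headers.containsKey("X-Forwarded-Proto")
+            }
+        }
+    }
+}
+----
 ====
 
 [[webflux-hsts]]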