11609 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Steve Riesenberg	8b490de08d	Merge branch '5.8.x' ... # Conflicts: # docs/modules/ROOT/pages/servlet/exploits/csrf.adoc	2022-10-05 14:46:15 -05:00
Steve Riesenberg	dce1c30522	Add support for BREACH ... Closes gh-4001	2022-10-05 14:21:13 -05:00
Steve Riesenberg	6bbf20be93	Fix failing tests ... Issue gh-11952	2022-10-05 14:19:40 -05:00
Rob Winch	22cbd2c42e	Merge branch '5.8.x' ... Closes gh-11957	2022-10-05 14:00:13 -05:00
Rob Winch	a5cc1f0b60	Merge branch '5.7.x' into 5.8.x ... Closes gh-11956	2022-10-05 13:58:44 -05:00
Rob Winch	37dd896d4b	Merge branch '5.6.x' into 5.7.x ... Closes gh-11955	2022-10-05 13:57:25 -05:00
Dan Allen	e0843aabb1	automatically manage docs version (with collector)	2022-10-05 13:56:22 -05:00
Steve Riesenberg	19fb7e5499	Merge branch '5.8.x' ... Merged using the ours strategy.	2022-10-05 13:48:35 -05:00
Steve Riesenberg	c1fcf275d9	Update What's New for 5.8 ... Issue gh-11952	2022-10-05 13:48:18 -05:00
Steve Riesenberg	a7000a053b	Merge branch '5.8.x'	2022-10-05 13:46:26 -05:00
Steve Riesenberg	1d706ae13d	Add csrfTokenRequestResolver to CsrfDsl ... Closes gh-11952	2022-10-05 13:35:23 -05:00
Marcus Da Coregio	c2ed65c67a	Fix failing tests ... Issue gh-9159	2022-10-05 14:59:33 -03:00
Marcus Da Coregio	22ba358e57	Merge branch '5.8.x'	2022-10-05 13:44:54 -03:00
Marcus Da Coregio	bf6e85ec15	Accept String varargs in securityMatcher ... Issue gh-9159	2022-10-05 13:44:08 -03:00
Marcus Da Coregio	38a7bbd2eb	Merge branch '5.8.x'	2022-10-05 13:20:12 -03:00
Marcus Da Coregio	ace8caa182	Remove mvcMatchers usage from docs ... Issue gh-11347	2022-10-05 13:19:37 -03:00
Marcus Da Coregio	76d7a85bc0	Use modified classpath test support for tests that depend on the classpath ... Issue gh-11347	2022-10-04 15:32:19 -03:00
Marcus Da Coregio	77dcc691b3	Add modified classpath test support ... Closes gh-11951	2022-10-04 15:32:18 -03:00
Marcus Da Coregio	5002199be3	Revert "Disable tests that need Spring MVC mocked in classpath" ... This reverts commit c6978fba7c53c5bec765dba672b0ccb084e3048f.	2022-10-04 15:32:18 -03:00
Marcus Da Coregio	35f7e46d05	Remove WebSecurityConfigurerAdapter ... Closes gh-10902	2022-10-04 15:13:04 -03:00
Steve Riesenberg	a10b0f526f	Merge branch 'main'	2022-10-04 12:01:57 -05:00
Marcus Da Coregio	60181e22d3	Upgrade com.unboundid:unboundid-ldapsdk to 6.0.6 ... Closes gh-10210	2022-10-04 13:39:42 -03:00
Steve Riesenberg	3bc76815c2	Update csrf.request-handler-ref in 6.0 ... Issue gh-11918	2022-10-04 11:24:54 -05:00
Steve Riesenberg	5de6da890b	Merge branch '5.8.x' ... Closes gh-dry-run	2022-10-04 11:18:00 -05:00
Marcus Da Coregio	c6978fba7c	Disable tests that need Spring MVC mocked in classpath ... Issue gh-11347	2022-10-04 08:56:06 -03:00
Steve Riesenberg	475b3bb6bb	Add deferred CsrfTokenRepository.loadDeferredToken ... * Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken> * Move RepositoryDeferredCsrfToken to top-level and make package-private * Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse) * Update CsrfFilter * Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler Issue gh-11892 Closes gh-11918	2022-10-03 17:10:54 -05:00
Steve Riesenberg	c847efd3fd	Fix servlet import ... Issue gh-11347 Issue gh-9159	2022-10-03 15:10:56 -05:00
Steve Riesenberg	c98de7af2f	Add xss-protection.header-value in 6.0 ... Issue gh-9631	2022-10-03 14:31:04 -05:00
Steve Riesenberg	7c3cc1e386	Merge branch '5.8.x'	2022-10-03 14:29:51 -05:00
Daniel Garnier-Moiroux	0e215a21ad	Add X-Xss-Protection headerValue to XML config ... Issue gh-9631	2022-10-03 14:29:34 -05:00
Marcus Da Coregio	ad2abd39dc	Merge branch '5.8.x' ... Closes gh-11347 in 6.0.x Closes gh-11945	2022-10-03 16:02:18 -03:00
Marcus Da Coregio	039e0328e1	Simplify Java Configuration RequestMatcher Usage ... If Spring MVC is present in the classpath, use MvcRequestMatcher by default. This commit also adds a new securityMatcher method in HttpSecurity Closes gh-11347 Closes gh-9159	2022-10-03 15:55:20 -03:00
Steve Riesenberg	ea777a3d7b	Merge branch '5.8.x' ... Merged using the ours strategy.	2022-10-03 10:05:57 -05:00
Daniel Garnier-Moiroux	bf59d7c374	Update What's New for 5.8	2022-10-03 10:05:25 -05:00
Steve Riesenberg	d9a682a414	Polish gh-11896	2022-10-03 10:00:43 -05:00
Steve Riesenberg	bf9339d88e	Merge branch '5.8.x'	2022-10-03 09:57:40 -05:00
Steve Riesenberg	7f9600ae08	Polish gh-11896	2022-10-03 09:57:08 -05:00
Marcus Da Coregio	5f2744db33	Merge branch '5.8.x' ... Closes gh-11937	2022-10-03 11:43:22 -03:00
Marcus Da Coregio	64a19de4dc	Deprecate HPKP security header ... Closes gh-10144	2022-10-03 11:36:19 -03:00
Marcus Da Coregio	80f6bdf50b	Merge branch '5.8.x'	2022-10-03 10:10:36 -03:00
Marcus Da Coregio	7be2eb05d5	Merge branch '5.7.x' into 5.8.x	2022-10-03 10:10:06 -03:00
Marcus Da Coregio	cd4ddde779	Merge branch '5.6.x' into 5.7.x	2022-10-03 10:09:42 -03:00
Daniel Garnier-Moiroux	26bb60c567	Add rncToXsd task description to CONTRIBUTING.adoc	2022-10-03 10:09:27 -03:00
Rob Winch	4479cefade	Default Require Explicit Session Management = true ... Closes gh-11763	2022-09-30 21:49:05 -05:00
Rob Winch	0d58c5180e	Remove Explicit RequestCache Config from DeferHttpSession Tests ... Issue gh-11757	2022-09-30 21:49:05 -05:00
Rob Winch	12a0ccf6de	Remove Explicit CSRF Config from DeferHttpSessionTests ... Issue gh-11764	2022-09-30 21:49:04 -05:00
Rob Winch	617353eaa8	Merge branch '5.8.x' ... Closes gh-11928	2022-09-30 21:46:26 -05:00
Rob Winch	6d56af7b65	SessionManagementDsl.requireExplicitAuthenticationStrategy	2022-09-30 21:37:44 -05:00
Josh Cummings	8f10deb602	Merge remote-tracking branch 'origin/5.8.x'	2022-09-30 17:01:22 -06:00
Josh Cummings	f054505d6d	Support Deferred Contexts ... Closes gh-11817 Issue gh-10913	2022-09-30 16:49:47 -06:00