Java Community | Help. Code. Learn.JC|HCL
Java Community | Help. Code. Learn.โ€ข2y agoโ€ข
11 replies
Milk Packet

Need help setting up CSRF on spring backend with a react frontend

I was just going through the spring docs to setup csrf protection with a SPA (react) frontend and found this code here that they suggested I use,

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            // ...
            .csrf((csrf) -> csrf
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())   
                .csrfTokenRequestHandler(new SpaCsrfTokenRequestHandler())            
            )
            .addFilterAfter(new CsrfCookieFilter(), BasicAuthenticationFilter.class); 
        return http.build();
    }
}
Was this page helpful?