This version is still in development and is not considered stable yet. For the latest stable version, please use Spring Security 7.0.2!

Cross Site Request Forgery (CSRF)

Spring provides comprehensive support for protecting against Cross Site Request Forgery (CSRF) attacks. In the following sections, we explore:

What is a CSRF Attack?
Protecting Against CSRF Attacks
CSRF Considerations

This portion of the documentation discusses the general topic of CSRF protection. See the relevant sections for specific information on CSRF protection for servlet and