Skip to content

Commit fdd1c2b

Browse files
Potential fix for code scanning alert no. 106: Disabled Spring CSRF protection (#3946)
* Potential fix for code scanning alert no. 106: Disabled Spring CSRF protection Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * review from copilot * review from copilot * review from copilot * review from copilot --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
1 parent 8d2b210 commit fdd1c2b

1 file changed

Lines changed: 0 additions & 2 deletions

File tree

server/src/main/java/org/cloudfoundry/identity/uaa/ratelimiting/beans/RateLimiterSecurityConfiguration.java

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,6 @@
1515
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
1616
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
1717
import org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer;
18-
import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer;
1918
import org.springframework.security.config.http.SessionCreationPolicy;
2019
import org.springframework.security.web.SecurityFilterChain;
2120
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
@@ -55,7 +54,6 @@ UaaFilterChain ratelimitSecurity(HttpSecurity http) throws Exception {
5554
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
5655
.addFilterBefore(oauthWithoutResourceAuthenticationFilter.getFilter(), BasicAuthenticationFilter.class)
5756
.anonymous(AnonymousConfigurer::disable)
58-
.csrf(CsrfConfigurer::disable)
5957
.exceptionHandling(exception ->
6058
exception.authenticationEntryPoint(basicAuthenticationEntryPoint)
6159
.accessDeniedHandler(oauthAccessDeniedHandler)

0 commit comments

Comments
 (0)