What is the reason to disable csrf in spring boot web application?

暖寄归人 2021-02-05 03:28

There are many tutorials where it is shown how to disable csrf,

csrf().disable()

(and other possibilities like .properties, .y

3 answers
  •  余生分开走
    2021-02-05 04:11

    What is the real-life reason to disable it?

    The Spring documentation suggests:

    Our recommendation is to use CSRF protection for any request that could be processed by a browser by normal users. If you are only creating a service that is used by non-browser clients, you will likely want to disable CSRF protection.


    Does it improve performance?

    It shouldn't impact the performance. A filter (or another component) will be removed from the request processing chain to make the feature unavailable.

    What is the reason to disable csrf in a Spring Boot application?

    1. You are using another token mechanism.
    2. You want to simplify interactions between a client and the server.
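
A configuration matching the two cases above (a non-browser client with its own token mechanism, next to a browser-facing part that keeps CSRF protection), added here as an example that is not part of the question or the answers. It assumes Spring Security 6.1+ (lambda DSL rather than the `csrf().disable()` form shown in the question) and the OAuth2 resource server starter with a `JwtDecoder` configured; the class name and URL patterns are hypothetical.

```java
// Added example (not from the thread). Assumes Spring Security 6.1+ and
// spring-boot-starter-oauth2-resource-server with a JwtDecoder configured
// (for instance via spring.security.oauth2.resourceserver.jwt.issuer-uri).
// Class name and URL patterns are hypothetical.
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SplitSecurityConfig {

    // Chain 1: /api/** is called by non-browser clients that send a bearer token
    // in the Authorization header. No session cookie is issued, so there is no
    // ambient credential for a forged cross-site request to reuse.
    // CSRF protection is disabled for this chain only.
    @Bean
    @Order(1)
    SecurityFilterChain apiChain(HttpSecurity http) throws Exception {
        http.securityMatcher("/api/**")
            .csrf(csrf -> csrf.disable())
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .authorizeHttpRequests(a -> a.anyRequest().authenticated())
            .oauth2ResourceServer(o -> o.jwt(Customizer.withDefaults()));
        return http.build();
    }

    // Chain 2: everything else is browser-facing and authenticated by a session
    // cookie. csrf() is not touched, so the default CSRF filter stays active and
    // state-changing requests must carry a valid token.
    @Bean
    @Order(2)
    SecurityFilterChain browserChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(a -> a
                .requestMatchers("/css/**").permitAll()
                .anyRequest().authenticated())
            .formLogin(Customizer.withDefaults());
        return http.build();
    }
}
```

With this split, a POST to `/api/**` without a CSRF token is accepted if the bearer token is valid, while a POST to any session-backed page without a CSRF token is rejected with 403.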
