发表新帖
发表新帖

What is the reason to disable csrf in spring boot web application?

后端 未结
关注
3 414
暖寄归人
暖寄归人 2021-02-05 03:28

There are many tutorials where is shown how to disable csrf, 

csrf().disable()

(and other possibilities like .properties, .y

3条回答
  • 傲寒
    傲寒 (楼主)
    2021-02-05 03:58

    Yes it is safe to disable if you have a diffeernt authentication mechanism which cannot be cloaked. For interal enterprise applications, not much of a concerrn. We had to disable it because it was interfering with our existing authentication mechanism.

    0 讨论(0)
 看不清?
提交回复
热议问题