Skip to content

Commit 72e859d

Browse files
Merge pull request #29 from SmartPotTech/alert-autofix-5
Potential fix for code scanning alert no. 5: Disabled Spring CSRF protection
2 parents 7236248 + a5e6ee6 commit 72e859d

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/main/java/smartpot/com/api/Security/Config/SecurityConfiguration.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSec) throws Exce
5959
}
6060

6161
return httpSec
62-
.csrf(AbstractHttpConfigurer::disable)
62+
.csrf(Customizer.withDefaults()) // Enable CSRF protection
6363
.cors(c -> c.configurationSource(corsConfig))
6464
.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
6565
authorizationManagerRequestMatcherRegistry.requestMatchers(publicRoutesList.toArray(new String[0])).permitAll();

0 commit comments

Comments
 (0)