Design Partners
Enable CSRF attack prevention
** org.openrewrite.java.security.spring.CsrfProtection** Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user's web browser to perform an unwanted action on a trusted site when the user is authenticated. See the full OWASP cheatsheet.

Source

  • groupId: org.openrewrite.recipe
  • artifactId: rewrite-java-security
  • version: 1.14.1

Options

Type
Name
Description
Boolean
onlyIfSecurityConfig
Optional. Only patch existing implementations of WebSecurityConfigurerAdapter.

Usage

This recipe has no required configuration options and can be activated directly after taking a dependency on org.openrewrite.recipe:rewrite-java-security:1.14.1 in your build file:
Gradle
Maven
build.gradle
plugins {
id("org.openrewrite.rewrite") version("5.26.1")
}
rewrite {
activeRecipe("org.openrewrite.java.security.spring.CsrfProtection")
}
repositories {
mavenCentral()
}
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:1.14.1")
}
pom.xml
<project>
<build>
<plugins>
<plugin>
<groupId>org.openrewrite.maven</groupId>
<artifactId>rewrite-maven-plugin</artifactId>
<version>4.31.1</version>
<configuration>
<activeRecipes>
<recipe>org.openrewrite.java.security.spring.CsrfProtection</recipe>
</activeRecipes>
</configuration>
<dependencies>
<dependency>
<groupId>org.openrewrite.recipe</groupId>
<artifactId>rewrite-java-security</artifactId>
<version>1.14.1</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</build>
</project>
Recipes can also be activated directly from the command line by adding the argument -Drewrite.activeRecipesorg.openrewrite.java.security.spring.CsrfProtection
Export as PDF
Copy link