Reverse content type check

When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.

closes gh-11204

web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java

@@ -151,7 +151,7 @@ public class CsrfWebFilter implements WebFilter {
 		ServerHttpRequest request = exchange.getRequest();
 		HttpHeaders headers = request.getHeaders();
 		MediaType contentType = headers.getContentType();
-		if (!contentType.includes(MediaType.MULTIPART_FORM_DATA)) {
+		if (!MediaType.MULTIPART_FORM_DATA.isCompatibleWith(contentType)) {
 			return Mono.empty();
 		}
 		return exchange.getMultipartData().map((d) -> d.getFirst(expected.getParameterName())).cast(FormFieldPart.class)

web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java

@@ -189,6 +189,17 @@ public class CsrfWebFilterTests {
 				.expectStatus().is2xxSuccessful();
 	}
 
+	@Test
+	public void filterWhenPostAndMultipartFormDataEnabledAndNoBodyProvided() {
+		this.csrfFilter.setCsrfTokenRepository(this.repository);
+		this.csrfFilter.setTokenFromMultipartDataEnabled(true);
+		given(this.repository.loadToken(any())).willReturn(Mono.just(this.token));
+		given(this.repository.generateToken(any())).willReturn(Mono.just(this.token));
+		WebTestClient client = WebTestClient.bindToController(new OkController()).webFilter(this.csrfFilter).build();
+		client.post().uri("/").header(this.token.getHeaderName(), this.token.getToken()).exchange().expectStatus()
+				.is2xxSuccessful();
+	}
+
 	@Test
 	public void filterWhenFormDataAndEnabledThenGranted() {
 		this.csrfFilter.setCsrfTokenRepository(this.repository);