You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree:
ca2bc958df
1.0.x
2.0.x
3.0.x
3.1.x
3.2.x
4.0.x
4.1.x
4.2.x
5.0.x
5.1.x
5.2.x
5.3.x
5.4.x
5.5.x
5.6.x
5.7.x
5.8.x
5.8.x_update-antora-ui-spring
6.0.x
6.1.x
6.2.x
6.2.x_update-antora-ui-spring
6.3.x
6.3.x_update-antora-ui-spring
6.4.x
6.5.x
dependabot/gradle/6.4.x/io.micrometer-micrometer-observation-1.14.14
dependabot/gradle/6.4.x/org-aspectj-1.9.25.1
dependabot/gradle/6.4.x/org.hibernate.orm-hibernate-core-6.6.39.Final
dependabot/gradle/6.4.x/org.springframework.data-spring-data-bom-2024.1.13
dependabot/gradle/6.4.x/org.springframework.ldap-spring-ldap-core-3.2.16
dependabot/gradle/6.5.x/ch.qos.logback-logback-classic-1.5.22
dependabot/gradle/6.5.x/org-aspectj-1.9.25.1
dependabot/gradle/6.5.x/org.springframework-spring-framework-bom-6.2.15
dependabot/gradle/6.5.x/org.springframework.data-spring-data-bom-2024.1.13
dependabot/gradle/6.5.x/org.springframework.ldap-spring-ldap-core-3.2.16
dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.8
dependabot/gradle/main/org-apache-maven-resolver-1.9.25
dependabot/gradle/main/org-aspectj-1.9.25.1
dependabot/gradle/main/org.apache.maven-maven-resolver-provider-3.9.12
dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT
dependabot/gradle/main/org.springframework.ldap-spring-ldap-core-4.0.1
dependencies-typo-6.5.x
dependencies-typo-main
docs-build
finalize
gh-16886
gh-pages
kotlin22
main
main_update-antora-ui-spring
wrapperbot/spring-security/gradle-wrapper-8.10
wrapperbot/spring-security/gradle-wrapper-8.10.1
wrapperbot/spring-security/gradle-wrapper-8.10.2
wrapperbot/spring-security/gradle-wrapper-8.11
wrapperbot/spring-security/gradle-wrapper-8.11.1
wrapperbot/spring-security/gradle-wrapper-8.12
wrapperbot/spring-security/gradle-wrapper-8.12.1
wrapperbot/spring-security/gradle-wrapper-8.13
wrapperbot/spring-security/gradle-wrapper-8.14
wrapperbot/spring-security/gradle-wrapper-8.9
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
2.0.0
2.0.0.M1
2.0.0.M2
2.0.0.RC1
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5.RELEASE
2.0.6.RELEASE
2.0.7.RELEASE
2.0.8.RELEASE
2.5.0.M1
3.0.0.M1
3.0.0.M2
3.0.0.RC1
3.0.0.RC2
3.0.0.RELEASE
3.0.1.RELEASE
3.0.2.RELEASE
3.0.3.RELEASE
3.0.4.RELEASE
3.0.5.RELEASE
3.0.6.RELEASE
3.0.7.RELEASE
3.0.8.RELEASE
3.1.0.M1
3.1.0.M2
3.1.0.RC1
3.1.0.RC2
3.1.0.RC3
3.1.0.RELEASE
3.1.1.RELEASE
3.1.2.RELEASE
3.1.3.RELEASE
3.1.4.RELEASE
3.1.5.RELEASE
3.1.6.RELEASE
3.1.7.RELEASE
3.2.0.M1
3.2.0.M2
3.2.0.RC1
3.2.0.RC2
3.2.0.RELEASE
3.2.1.RELEASE
3.2.10.RELEASE
3.2.2.RELEASE
3.2.3.RELEASE
3.2.4.RELEASE
3.2.5.RELEASE
3.2.6.RELEASE
3.2.7.RELEASE
3.2.8.RELEASE
3.2.9.RELEASE
4.0.0.M1
4.0.0.M2
4.0.0.RC1
4.0.0.RC2
4.0.0.RELEASE
4.0.1.RELEASE
4.0.2.RELEASE
4.0.3.RELEASE
4.0.4.RELEASE
4.1.0.RC1
4.1.0.RC2
4.1.0.RELEASE
4.1.1.RELEASE
4.1.2.RELEASE
4.1.3.RELEASE
4.1.4.RELEASE
4.1.5.RELEASE
4.2.0.M1
4.2.0.RC1
4.2.0.RELEASE
4.2.1.RELEASE
4.2.10.RELEASE
4.2.11.RELEASE
4.2.12.RELEASE
4.2.13.RELEASE
4.2.14.RELEASE
4.2.15.RELEASE
4.2.16.RELEASE
4.2.17.RELEASE
4.2.18.RELEASE
4.2.19.RELEASE
4.2.2.RELEASE
4.2.20.RELEASE
4.2.3.RELEASE
4.2.4.RELEASE
4.2.5.RELEASE
4.2.6.RELEASE
4.2.7.RELEASE
4.2.8.RELEASE
4.2.9.RELEASE
5.0.0.M1
5.0.0.M2
5.0.0.M3
5.0.0.M4
5.0.0.M5
5.0.0.RC1
5.0.0.RELEASE
5.0.1.RELEASE
5.0.10.RELEASE
5.0.11.RELEASE
5.0.12.RELEASE
5.0.13.RELEASE
5.0.14.RELEASE
5.0.15.RELEASE
5.0.16.RELEASE
5.0.17.RELEASE
5.0.18.RELEASE
5.0.19.RELEASE
5.0.2.RELEASE
5.0.3.RELEASE
5.0.4.RELEASE
5.0.5.RELEASE
5.0.6.RELEASE
5.0.7.RELEASE
5.0.8.RELEASE
5.0.9.RELEASE
5.1.0.M1
5.1.0.M2
5.1.0.RC1
5.1.0.RC2
5.1.0.RELEASE
5.1.1.RELEASE
5.1.10.RELEASE
5.1.11.RELEASE
5.1.12.RELEASE
5.1.13.RELEASE
5.1.2.RELEASE
5.1.3.RELEASE
5.1.4.RELEASE
5.1.5.RELEASE
5.1.6.RELEASE
5.1.7.RELEASE
5.1.8.RELEASE
5.1.9.RELEASE
5.2.0.M1
5.2.0.M2
5.2.0.M3
5.2.0.M4
5.2.0.RC1
5.2.0.RELEASE
5.2.1.RELEASE
5.2.10.RELEASE
5.2.11.RELEASE
5.2.12.RELEASE
5.2.13.RELEASE
5.2.14.RELEASE
5.2.15.RELEASE
5.2.2.RELEASE
5.2.3.RELEASE
5.2.4.RELEASE
5.2.5.RELEASE
5.2.6.RELEASE
5.2.7.RELEASE
5.2.8.RELEASE
5.2.9.RELEASE
5.3.0.M1
5.3.0.RC1
5.3.0.RELEASE
5.3.1.RELEASE
5.3.10.RELEASE
5.3.11.RELEASE
5.3.12.RELEASE
5.3.13.RELEASE
5.3.2.RELEASE
5.3.3.RELEASE
5.3.4.RELEASE
5.3.5.RELEASE
5.3.6.RELEASE
5.3.7.RELEASE
5.3.8.RELEASE
5.3.9.RELEASE
5.4.0
5.4.0-M1
5.4.0-M2
5.4.0-RC1
5.4.1
5.4.10
5.4.11
5.4.2
5.4.3
5.4.4
5.4.5
5.4.6
5.4.7
5.4.8
5.4.9
5.5.0
5.5.0-M1
5.5.0-M2
5.5.0-M3
5.5.0-RC1
5.5.0-RC2
5.5.1
5.5.2
5.5.3
5.5.4
5.5.5
5.5.6
5.5.7
5.5.8
5.6.0
5.6.0-M1
5.6.0-M2
5.6.0-M3
5.6.0-RC1
5.6.1
5.6.10
5.6.11
5.6.12
5.6.2
5.6.3
5.6.4
5.6.5
5.6.6
5.6.7
5.6.8
5.6.9
5.7.0
5.7.0-M1
5.7.0-M2
5.7.0-M3
5.7.0-RC1
5.7.1
5.7.10
5.7.11
5.7.12
5.7.13
5.7.14
5.7.2
5.7.3
5.7.4
5.7.5
5.7.6
5.7.7
5.7.8
5.7.9
5.8.0
5.8.0-M1
5.8.0-M2
5.8.0-M3
5.8.0-RC1
5.8.1
5.8.10
5.8.11
5.8.12
5.8.13
5.8.14
5.8.15
5.8.16
5.8.2
5.8.3
5.8.4
5.8.5
5.8.6
5.8.7
5.8.8
5.8.9
6.0.0
6.0.0-M1
6.0.0-M2
6.0.0-M3
6.0.0-M4
6.0.0-M5
6.0.0-M6
6.0.0-M7
6.0.0-RC1
6.0.0-RC2
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
6.1.0
6.1.0-M1
6.1.0-M2
6.1.0-RC1
6.1.1
6.1.2
6.1.3
6.1.4
6.1.5
6.1.6
6.1.7
6.1.8
6.1.9
6.2.0
6.2.0-M1
6.2.0-M2
6.2.0-M3
6.2.0-RC1
6.2.0-RC2
6.2.1
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.3.0
6.3.0-M1
6.3.0-M2
6.3.0-M3
6.3.0-RC1
6.3.1
6.3.10
6.3.2
6.3.3
6.3.4
6.3.5
6.3.6
6.3.7
6.3.8
6.3.9
6.4.0
6.4.0-M1
6.4.0-M2
6.4.0-M3
6.4.0-M4
6.4.0-RC1
6.4.1
6.4.10
6.4.11
6.4.12
6.4.13
6.4.2
6.4.3
6.4.4
6.4.5
6.4.6
6.4.7
6.4.8
6.4.9
6.5.0
6.5.0-M1
6.5.0-M2
6.5.0-M3
6.5.0-RC1
6.5.1
6.5.2
6.5.3
6.5.4
6.5.5
6.5.6
6.5.7
7.0.0
7.0.0-M1
7.0.0-M2
7.0.0-M3
7.0.0-RC1
7.0.0-RC2
7.0.0-RC3
7.0.1
7.0.2
${ noResults }
10 lines
412 B
10 lines
412 B
[[exploits]] |
|
= Protection Against Exploits |
|
|
|
Spring Security provides protection against common exploits. |
|
Whenever possible, the protection is enabled by default. |
|
Below you will find high level description of the various exploits that Spring Security protects against. |
|
|
|
* xref:features/exploits/csrf.adoc[CSRF] |
|
* xref:features/exploits/headers.adoc[HTTP Headers] |
|
* xref:features/exploits/http.adoc[HTTP Requests]
|
|
|