From 41079c0321a04003ce9eaf89d128eb6e7591334a Mon Sep 17 00:00:00 2001 From: ella Date: Fri, 19 Dec 2025 03:46:04 +0900 Subject: [PATCH] =?UTF-8?q?feat:=20csrf=20=EB=B9=84=ED=99=9C=EC=84=B1?= =?UTF-8?q?=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../team4backend/config/SecurityConfig.java | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/src/main/java/com/example/team4backend/config/SecurityConfig.java b/src/main/java/com/example/team4backend/config/SecurityConfig.java index 874c045..c3a0fe9 100644 --- a/src/main/java/com/example/team4backend/config/SecurityConfig.java +++ b/src/main/java/com/example/team4backend/config/SecurityConfig.java @@ -33,19 +33,20 @@ public class SecurityConfig { @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - CookieCsrfTokenRepository csrfTokenRepository = - CookieCsrfTokenRepository.withHttpOnlyFalse(); - csrfTokenRepository.setCookiePath("/"); - CsrfTokenRequestAttributeHandler requestHandler = new CsrfTokenRequestAttributeHandler(); - requestHandler.setCsrfRequestAttributeName(null); +// CookieCsrfTokenRepository csrfTokenRepository = +// CookieCsrfTokenRepository.withHttpOnlyFalse(); +// csrfTokenRepository.setCookiePath("/"); +// CsrfTokenRequestAttributeHandler requestHandler = new CsrfTokenRequestAttributeHandler(); + //requestHandler.setCsrfRequestAttributeName(null); http .cors(cors -> cors.configurationSource(corsConfigurationSource)) - .csrf(csrf -> csrf - .csrfTokenRepository(csrfTokenRepository) - .csrfTokenRequestHandler(requestHandler) - .ignoringRequestMatchers(CSRF_IGNORED) - ) +// .csrf(csrf -> csrf +// .csrfTokenRepository(csrfTokenRepository) +// .csrfTokenRequestHandler(requestHandler) +// .ignoringRequestMatchers(CSRF_IGNORED) +// ) + .csrf(AbstractHttpConfigurer::disable) .exceptionHandling(ex -> ex .authenticationEntryPoint(customAuthenticationEntryPoint) .accessDeniedHandler(customAccessDeniedHandler)