Spring Security provides CSRF protection as well: http://docs.spring.io/spring-security/site/docs/3.2.2.RELEASE/reference/htmlsingle/#csrf
On Mon, Mar 24, 2014 at 3:49 PM, Akash Jain <akash.delh...@gmail.com> wrote: > How can I prevent CSRF protection using Tomcat 7 ? > > I have heard that tomcat 7 provides CSRF filter > > http://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/filters/CsrfPreventionFilter.html > > But is it thread safe ? > > Or shall we do a custom protection in our spring 3 application ? >
