1 articles about Csrf. Explore Spring Boot implementation, design, and operations across related topics.
Explains why POST requests return 403 in Spring Security from the perspective of how CSRF works. Covers why csrf().disable() is the correct approach for REST APIs, why it should be enabled for Thymeleaf form-based apps, along with implementation examples using Spring Security 6's Lambda DSL.
2026-05-06
