github
/
spring-security
mirror of https://github.com/spring-projects/spring-security


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435
							= Testing with CSRF

Spring Security also provides support for CSRF testing with `WebTestClient`.
For example:

[tabs]
======
Java::
+
[source,java,role="primary"]
----
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf;

this.rest
	// provide a valid CSRF token
	.mutateWith(csrf())
	.post()
	.uri("/login")
	...
----

Kotlin::
+
[source,kotlin,role="secondary"]
----
import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf

this.rest
    // provide a valid CSRF token
    .mutateWith(csrf())
    .post()
    .uri("/login")
    ...
----
======