CsrfFilter Accesses Session on Every Request

- [x] #11700
- [x] #11699

```
java.lang.RuntimeException: getSession(false)
	at example.SessionAccessedFilter$1.getSession(SessionAccessedFilter.java:25)
	at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:244)
	at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:244)
	at org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository.loadToken(HttpSessionCsrfTokenRepository.java:65)
	at org.springframework.security.web.csrf.LazyCsrfTokenRepository.loadToken(LazyCsrfTokenRepository.java:80)
	at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:104)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:351)
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CsrfFilter Accesses Session on Every Request #11456

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CsrfFilter Accesses Session on Every Request #11456

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions