You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The documentation for "Configuring CsrfTokenRequestAttributeHandler" here (github link here) currently says that the default implementation is CsrfTokenRequestAttributeHandler (i.e. the one before Spring Security 6.x).
Unless I'm mistaken, I believe the new default is XorCsrfTokenRequestAttributeHandler which seems to be the case since gh-11960.