How to prevent CSRF attack in Spring mvc 4

I have java spring mvc project. I wanted to know how to protect my webApp from CSRF .I have read , Spring handles that default, does that mean I don't have to config anything and I am still safe? Thanks in advance.

Solution

If you are using Spring Security then CSRF protection is enabled by default since version 4.0.

Have a look to the documentation to be sure what you need to do:

Spring Security CSRF protection

It says, basically, you need to be sure your app use proper HTTP verbs: PATCH, POST, PUT, and/or DELETE for anything that modifies state and POST instead of GET when sending back sensitive information.

Then, as the CSRF protection is enabled by default using Spring Security, then you only need to include the CSRF Token when sending your payload (forms, json, etc.)

'wsimport' is not recognized error in command prompt
Best way to compare two JSON files in Java
Java get month sort name from date
Obtain and download Javadoc (JDK API documentation) to a local file for offline reading
How to get the number of days in a specific month using Java Calendar?
Custom Spring annotation for request parameters
License for package Android SDK Platform 29 not accepted
Java Compile Time Error: reached end of file while parsing
ShellIpcClient and NonCelloThread errors java
How to verify a signature from the Phantom wallet?
FirebaseAuth - Get tokenId in Java backend
How to hide constructor on a Java record that offers a public static factory method?
Is it possible to get MariaDB4J to work on an M1 Mac?
Cannot run simple compiled java program?
Getting IntelliJ to generate Java Sources from Proto files
Insert a java string constant in a quarkus qute template?
Why is the run button not working in Eclipse?
Stuck on Card/Deck exercise from Java official tutorial
Spring Batch - Deleting metadata post job completion throws error - Incorrect result size: expected 1, actual 0
Simple export and import of a SQLite database on Android
How to serialize a date to a specific format?
How to make the Youtube's rotating spinner loading screen on Java Swing
How to sort List<Integer[]> in java?
How to prevent spring boot from auto creating instance of bean 'entityManagerFactory' at startup?
Sharing instance of a class between multiple tests running in parallel in Junit5
Launch4J not recognizing Eclipse Temurin OpenJDK Java 17
Turn my stack into a string?
How can I document or exclude the generated BuildConfig class in my documentation?
Is it a bad practice to catch Throwable?
Java: Right Click Copy Cut Paste On TextField