Merge branch 'main' into GROUP-81-Update-Documentation

GroupHQ · Jan 13, 2024 · 418d532 · 418d532
2 parents 57b285b + 2a296a0
commit 418d532
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/config/checkstyle/google_checks.xml b/config/checkstyle/google_checks.xml
@@ -51,7 +51,7 @@
 
  <module name="LineLength">
  <property name="fileExtensions" value="java"/>
- <property name="max" value="100"/>
+ <property name="max" value="120"/>
  <property name="ignorePattern" value="^package.*|^import.*|a href|href|http://|https://|ftp://"/>
  </module>
 

diff --git a/src/main/java/org/grouphq/edgeservice/config/SecurityConfig.java b/src/main/java/org/grouphq/edgeservice/config/SecurityConfig.java
@@ -17,6 +17,7 @@
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint;
+import org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.reactive.CorsConfigurationSource;
 import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
@@ -47,7 +48,7 @@ SecurityWebFilterChain filterChain(ServerHttpSecurity httpSecurity) {
  new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED)))
  .httpBasic(Customizer.withDefaults())
  .cors(Customizer.withDefaults())
- .csrf(ServerHttpSecurity.CsrfSpec::disable)
+ .csrf(csrf -> csrf.csrfTokenRepository(CookieServerCsrfTokenRepository.withHttpOnlyFalse()))
  .build();
  }