Skip to content

Commit

Permalink
Fix obsolete csrf extension name and configuration in security-csrf-p…
Browse files Browse the repository at this point in the history 
…revention.adoc

(cherry picked from commit 0bb5206)
  • Loading branch information
@ksdev-pl @gsmet
ksdev-pl authored and gsmet committed Aug 19, 2024
1 parent cb11e94 commit 10f6703
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions docs/src/main/asciidoc/security-csrf-prevention.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ https://github.com/quarkusio/quarkus/tree/main/docs/src/main/asciidoc
include::_attributes.adoc[]
:categories: security
:topics: security,csrf,http
:extensions: io.quarkus:quarkus-csrf-reactive
:extensions: io.quarkus:quarkus-rest-csrf

https://owasp.org/www-community/attacks/csrf[Cross-Site Request Forgery (CSRF)] is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated.

Expand All @@ -24,15 +24,15 @@ First, we need a new project.
Create a new project with the following command:

:create-app-artifact-id: security-csrf-prevention
:create-app-extensions: csrf-reactive
:create-app-extensions: rest-csrf
include::{includes}/devtools/create-app.adoc[]

This command generates a project which imports the `csrf-reactive` extension.
This command generates a project which imports the `rest-csrf` extension.

If you already have your Quarkus project configured, you can add the `csrf-reactive` extension
If you already have your Quarkus project configured, you can add the `rest-csrf` extension
to your project by running the following command in your project base directory:

:add-extension-extensions: csrf-reactive
:add-extension-extensions: rest-csrf
include::{includes}/devtools/extension-add.adoc[]

This will add the following to your build file:
Expand All @@ -42,14 +42,14 @@ This will add the following to your build file:
----
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-csrf-reactive</artifactId>
<artifactId>quarkus-rest-csrf</artifactId>
</dependency>
----

[source,gradle,role="secondary asciidoc-tabs-target-sync-gradle"]
.build.gradle
----
implementation("io.quarkus:quarkus-csrf-reactive")
implementation("io.quarkus:quarkus-rest-csrf")
----

Next, let's add a `csrfToken.html` Qute template producing an HTML form in the `src/main/resources/templates` folder:
Expand Down

0 comments on commit 10f6703

Please sign in to comment.