-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Adapt to form data not adding charset if it is UTF-8
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: breaks-passivity
A change that breaks passivity with the previous release
Add validation IpAddressMatcher
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
CsrfAuthenticationStrategy is not consistent with CsrfFilter
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
type: bug
A general bug
Register FilterChainProxy for all dispatcher types
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Default to DelegatingSecurityContextRepository in SecurityContextConfigurer
in: config
An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Remove OAuth Deprecations
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: breaks-passivity
A change that breaks passivity with the previous release
Remove deprecated CsrfSpec.tokenFromMultipartDataEnabled
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
Remove deprecated CsrfWebFilter.setTokenFromMultipartDataEnabled
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
Remove deprecated constructors in PasswordEncoders
in: crypto
An issue in spring-security-crypto
type: breaks-passivity
A change that breaks passivity with the previous release
Default X-Xss-Protection header value to "0"
in: web
An issue in web modules (web, webmvc)
status: duplicate
A duplicate of another issue
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Default to Xor CSRF protection
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
RequestMatcherDelegatingAuthorizationManager
should deny when no match
in: web
Use MvcRequestMatcher by default if Spring MVC is present
in: config
An issue in spring-security-config
status: duplicate
A duplicate of another issue
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Remove deprecated RequestMatcher methods from Java Configuration
in: config
An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Remove WebSecurityConfigurerAdapter
in: config
An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Make X-Xss-Protection header value configurable in ServerHttpSecurity
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Use MvcRequestMatcher by default if Spring MVC is present
in: config
An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Change default authority for oauth2Login()
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: duplicate
A duplicate of another issue
type: breaks-passivity
A change that breaks passivity with the previous release
Prevent JwtAuthenticationProvider from setting authentication details when jwtAuthenticationConverter returned an authentication instance with non null details
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: duplicate
A duplicate of another issue
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Remove Deprecated OpenSAML 3 Support
in: saml2
An issue in SAML2 modules
type: breaks-passivity
A change that breaks passivity with the previous release
csrfRequestAttributeName = _csrf
in: web
An issue in web modules (web, webmvc)
type: breaks-passivity
A change that breaks passivity with the previous release
Remove Configuration meta-annotation from Enable* annotations
in: config
An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Remove default value for access parameter
in: config
An issue in spring-security-config
status: duplicate
A duplicate of another issue
type: breaks-passivity
A change that breaks passivity with the previous release
type: bug
A general bug
Remove deprecations in ServerOAuth2AuthorizedClientExchangeFilterFunction
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: breaks-passivity
A change that breaks passivity with the previous release
Remove deprecations in ServletOAuth2AuthorizedClientExchangeFilterFunction
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: breaks-passivity
A change that breaks passivity with the previous release
Previous Next
ProTip!
Find all open issues with in progress development work with linked:pr.