Protection Against Exploits

跨站点脚本 (XSS) 和跨站点请求伪造 (CSRF)
会话固定和会话劫持
表单提交中的跨域请求伪造 (CSRF)
注入攻击
安全漏洞和配置错误

Spring Security 提供了针对常见攻击的保护。任何时候，此保护都处于默认启用状态。本节介绍了 Spring Security 防范的各种攻击。

Spring Security provides protection against common exploits. Whenever possible, the protection is enabled by default. This section describes the various exploits that Spring Security protects against.