We should default to Xor CSRF tokens in 6.0:
- Use
XorCsrfTokenRequestAttributeHandlerinCsrfFilter - Use
XorServerCsrfTokenRequestAttributeHandlerinCsrfWebFilter
Related gh-4001
We should default to Xor CSRF tokens in 6.0:
XorCsrfTokenRequestAttributeHandler in CsrfFilterXorServerCsrfTokenRequestAttributeHandler in CsrfWebFilterRelated gh-4001