See #24611 for background. It would be nice if there was a easier DSL to configure Spring Security.
Comment From: DiegoPCanellas
Hi! My team and i would like to tackle this one. is it ok?
Comment From: philwebb
Thanks for the offer @DiegoPCanellas, but looking at this one again I'm not sure we should add to the existing API. I think the original request for:
.requireCsrfProtectionMatcher(isNot(EndpointRequest.to(StartupEndpoint.class)))
Can be written:
EndpointRequest.toAnyEndpoint().excluding(StartupEndpoint.class)
Which removes the need for the isNot method and is already pretty concise.