` First of all I am sorry about the format of this question. I tried to format the code but I only got error messages.
I have been trying for quite some time now, searching StackOverflow and all over the webb. I am following a Tutorial on Spring Security etc...and specifically Basic Authentication where I am supposed to capture csrf-token in Postman with Enterceptor. I have searched many threads here on StackOverflow and tried many things but I have not been able to solve it yet.
I have been reading about problems with security and SameSite= Lax and so on but I am not very confident in what to do and do where...
Since the "websecurityconfigureradapter" is deprecated, I tried to write my own SecurityConfig-file...
maybe there is something wrong with that?
I would very much appreciate any help.`
have been trying the following in my config-file:
http.csrf(csrf -> csr .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()));
with the following script in Postman test tab in the request:
var xsrfCookie = postman.getResponseCookie("XSRF-TOKEN"); pm.environment.set("xsrf-token", decodeURIComponent(pm.cookies.get("XSRF-TOKEN")));
with Header: X-XSRF {{xsrf-token}}
I have tried to install some kind of SSL-certificate in Postman, but I am not quite sure how that works. I have also read about how to set Flags in Google Chrome to control SameSite in some way but I have a version of Chrome (109) where I can´t set flags anymore.
And I have read somewhere that there is some problem with SameSite...and localhost?