Getting started with MVC(7)
MVC Security MVC has built-in some security features to protect pages, eg. CSRF protection. CSRF protection MVC has built-in CSRF protection, there is aCsrfinterface. ConfigureCsrfin theApplicationclass. Override thegetPropertiesmethod. @Override public Map<String, Object> getProperties() { Map<String, Object> props = new HashMap<>(); props.put(Csrf.CSRF_PROTECTION, Csrf.CsrfOptions.EXPLICIT); //view folder //props.put(ViewEngine.DEFAULT_VIEW_FOLDER, ViewEngine.VIEW_FOLDER); return super.getProperties(); } And there are some options to configure CSRF viaCsrf.CsrfOptions. OFF to disable Csrf.