Check the user for a SockJS request [SPR-12497] #17103
Labels
in: web
Issues in web modules (web, webmvc, webflux, websocket)
status: backported
An issue that has been backported to maintenance branches
type: enhancement
A general enhancement
Milestone
Rossen Stoyanchev opened SPR-12497 and commented
Add a simple check to ensure the user associated with the target SockJS session for a request is the same as the user associated with the request.
Affects: 4.0.8
Referenced from: commits ac5c361, dc5b5ca
Backported to: 4.0.9
The text was updated successfully, but these errors were encountered: