Skip to content

Update Type Validation Defaults #17181

Closed
Closed
Update Type Validation Defaults#17181
Assignees
jzheaux
Labels
in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)type: enhancementA general enhancement
Milestone
7.0.0-M1
@jzheaux

Description

@jzheaux
jzheaux
opened on May 28, 2025

Related to #16672, Spring Security 7 should validate the JWT typ header by default instead of delegating that to Nimbus.

Metadata

Metadata

Assignees

Labels

in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)type: enhancementA general enhancement

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions