Change recommended explanation.

Junhyunny · Junhyunny · commit 6e3ffd9baaff · 2024-07-25T22:42:20.000+09:00
diff --git a/docs/modules/ROOT/pages/servlet/exploits/csrf.adoc b/docs/modules/ROOT/pages/servlet/exploits/csrf.adoc
@@ -130,7 +130,7 @@ You can also specify <<csrf-token-repository-custom,your own implementation>> to
 
 By default, Spring Security stores the expected CSRF token in the `HttpSession` by using javadoc:org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository[], so no additional code is necessary.
 
-The `HttpSessionCsrfTokenRepository` reads the token from a session(e.g. in-memory, cache or database). Default session attribute name is `HttpSessionCsrfTokenRepository.class.getName().concat(".CSRF_TOKEN")`. The session attribute name can be changed using HttpSessionCsrfTokenRepository#setSessionAttributeName method.
+The `HttpSessionCsrfTokenRepository` reads the token from a session (whether in-memory, cache, or database). If you need to access the session attribute directly, please first configure the session attribute name using HttpSessionCsrfTokenRepository#setSessionAttributeName.
 
 You can specify the default configuration explicitly using the following configuration:
 
