This introduces an evolution on CsrfConfigurer#ignoreAntMatchers, allowing users to specify a RequestMatcher in the circumstance where more than just the path needs to be analyzed to determine whether CsrfFilter should require a token for the request. Simply put, a user can now selectively disable csrf by request matcher in addition to the way it can already be done with ant matchers. Fixes: gh-5477