For details and concrete examples of RFD attacks, see the RFD paper from Trustwave.
For information specific to Spring MVC, see the CVE-2015-5211 security report.
Content Disposition header being added on some urls...did not behave this way in 4.2.1
Content-Disposition added for @ResponseBody methods explicitly mapped to ".html" or other extensions
Content-Disposition header causes download in browser for Spring Boot Actuator endpoints
Skip Content-Disposition header when status != 2xx
Content-Disposition with fixed file name "f.txt" causes confusion