Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit8b8a48a

Browse files
committed
minor#5818 document old way of checking validity of CSRF token (snoek09)
This PR was squashed before being merged into the 2.3 branch (closes#5818).Discussion----------document old way of checking validity of CSRF token| Q | A| ------------- | ---| Doc fix? | yes| New docs? | yes| Applies to | all| Fixed tickets | Related to#4668Commits-------8257cc8 document old way of checking validity of CSRF token
2 parents87d3167 +8257cc8 commit8b8a48a

File tree

1 file changed

+18
-0
lines changed

1 file changed

+18
-0
lines changed

‎book/controller.rst‎

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -796,6 +796,24 @@ Just like when creating a controller for a route, the order of the arguments of
796796
order of the arguments, Symfony will still pass the correct value to each
797797
variable.
798798

799+
Checking the Validity of a CSRF Token
800+
-------------------------------------
801+
802+
Sometimes you want to use CSRF protection in an action where you don't want to use a
803+
Symfony form.
804+
805+
If, for example, you're doing a DELETE action, you can use the
806+
:method:`Symfony\\Component\\Form\\Extension\\Csrf\\CsrfProvider\\CsrfProviderInterface::isCsrfTokenValid`
807+
method to check the CSRF token::
808+
809+
$csrf = $this->container->get('form.csrf_provider');
810+
$intention = 'authenticate';
811+
$token = $csrf->generateCsrfToken($intention);
812+
813+
if (!$csrf->isCsrfTokenValid($intention, $token)) {
814+
// CSRF token invalid! Do something, like redirect with an error.
815+
}
816+
799817
Final Thoughts
800818
--------------
801819

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp