May 28, 2015 · May 28, 2015 · May 30, 2015 · May 31, 2015 · Jul 28, 2015 · May 28, 2015
diff --git a/book/controller.rst b/book/controller.rst
    }

 .. versionadded:: 2.6
    The ``redirectToRoute()`` method wasadded in Symfony 2.6. Previously (and still now), you
    The ``redirectToRoute()`` method wasintroduced in Symfony 2.6. Previously (and still now), you
    could use ``redirect()`` and ``generateUrl()`` together for this (see the example above).

 Or, if you want to redirect externally, just use ``redirect()`` and pass it the URL::
 order of the arguments, Symfony will still pass the correct value to each
 variable.

 Checking the Validity of a CSRF Token
 -------------------------------------

 Sometimes you want to use CSRF protection in an action where you don't want to use a
 Symfony form.

 If, for example, you're doing a DELETE action, you can use the
 :method:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller::isCsrfTokenValid`
 method to check the CSRF token::

    if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
        // ... do something, like deleting an object
    }

 .. versionadded:: 2.6
    The ``isCsrfTokenValid()`` shortcut method was introduced in Symfony 2.6.

 Previously you would use::

    use Symfony\Component\Security\Csrf\CsrfToken;

    $this->get('security.csrf.token_manager')->isTokenValid(new CsrfToken('token_id', 'TOKEN'));

 Final Thoughts
 --------------
Original file line number	Diff line number	Diff line change
Expand Up		@@ -440,7 +440,7 @@ If you want to redirect the user to another page, use the ``redirectToRoute()``
		}

		.. versionadded:: 2.6
		The ``redirectToRoute()`` method wasadded in Symfony 2.6. Previously (and still now), you
		The ``redirectToRoute()`` method wasintroduced in Symfony 2.6. Previously (and still now), you
		could use ``redirect()`` and ``generateUrl()`` together for this (see the example above).

		Or, if you want to redirect externally, just use ``redirect()`` and pass it the URL::
Expand DownExpand Up		@@ -803,6 +803,29 @@ Just like when creating a controller for a route, the order of the arguments of
		order of the arguments, Symfony will still pass the correct value to each
		variable.

		Checking the Validity of a CSRF Token
		-------------------------------------

		Sometimes you want to use CSRF protection in an action where you don't want to use a
		Symfony form.
Copy link Member wouterjJul 28, 2015 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others.Learn more. I think "[...] to use the Symfony Form component." is better

		If, for example, you're doing a DELETE action, you can use the
		:method:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller::isCsrfTokenValid`
		method to check the CSRF token::

		if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
		// ... do something, like deleting an object
		}
Copy link Member stofMay 28, 2015 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others.Learn more. For consistency with other parts of the doc, there should be a comment showing the alternative not using the shortcut

		.. versionadded:: 2.6
		The ``isCsrfTokenValid()`` shortcut method was introduced in Symfony 2.6.
Copy link Member wouterjJul 28, 2015 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others.Learn more. I prefer something like this: ..versionadded::2.6 The ``isCsrfTokenValid()`` shortcut method was introduced in Symfony 2.6. It is equivalent to executing the following code:: use Symfony\Component\Security\Csrf\CsrfToken; $this->get('security.csrf.token_manager')->isTokenValid(new CsrfToken('token_id', 'TOKEN'));

		Previously you would use::

		use Symfony\Component\Security\Csrf\CsrfToken;

		$this->get('security.csrf.token_manager')->isTokenValid(new CsrfToken('token_id', 'TOKEN'));

		Final Thoughts
		--------------

Expand Down