Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

csrf_token now can be used without installing the Form component#9488

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Closed
javiereguiluz wants to merge2 commits intosymfony:masterfromjaviereguiluz:fix_9485

Conversation

@javiereguiluz
Copy link
Member

@javiereguiluzjaviereguiluz commentedMar 23, 2018
edited
Loading

Thisfixes#9485.

@xabbuh in your original code (https://github.com/symfony/symfony/pull/25197/files) the function was added to Twig Bridge so ... could you please verify if installing justsecurity-csrf is enough to use this function or if we need to install some other package? Thanks!

..code-block::terminal
$ composer require security-csrf form
$ composer require security-csrf
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Do we now need to show how to install forms for the section where we integrate CSRF tokens into a Symfony form? Or is it too obvious that you do of course need the Form component for them?

Copy link
MemberAuthor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I agree with you that it would be too obvious to installform first because you are literally creating a Symfony Form in that section.

@xabbuh
Copy link
Member

I think it's safe to assume that someone using Twig in a Symfony project has installed the TwigBundle which in turn pulls in the Twig bridge.

@xabbuh
Copy link
Member

Well, what of course could happen is that someone installs the Security CSRF component 4.1 while still using TwigBundle and TwigBridge 4.0. Do we need to take care of that?

@javiereguiluz
Copy link
MemberAuthor

@xabbuh thanks for sharing these details. I'd say that we should not explain this info because it's like an edge case and unrelated to Symfony ... it's more about managing Composer dependencies in your project.

@javiereguiluz
Copy link
MemberAuthor

@xabbuh I finally added aversionadded directive mentioning that before 4.1 you needed to install Symfony Forms even if you didn't use them.

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@xabbuhxabbuhxabbuh left review comments

Assignees

No one assigned

Projects

None yet

Milestone

4.1

Development

Successfully merging this pull request may close these issues.

[FrameworkBundle][TwigBridge] make csrf_token() usable without forms

3 participants

@javiereguiluz@xabbuh@carsonbot
[8]ページ先頭
©2009-2025 Movatter.jp