Hevyweb

Symfony add csrf token check for other pages

The official Symfony documentation (https://symfony.com/doc/current/security.html) states that to use CSRF protection I should add:

# config/packages/security.yaml
security:
    # ...

    firewalls:
        secured_area:
            # ...
            form_login:
                # ...
                enable_csrf: true

It works only for the login form. This article (https://symfony.com/doc/current/security/csrf.html#csrf-protection-in-symfony-forms) says that I can use the method isCsrfTokenValid in the controller to check the token. I have another page, not the login page, where I want to check the CSRF token. Can you configure it somehow in security.yaml, or is isCsrfTokenValid the only way?

Upvotes: 1


Answers (1)

Hevyweb

I investigated and found that "form_login" refers to built-in functionality. "enable_csrf: true" is a parameter of that functionality and doesn't work for anything else. So for all other forms I have to use isCsrfTokenValid.

Upvotes: 0
