FormRendererInterface::renderCsrfToken()

string renderCsrfToken(string $tokenId)

Renders a CSRF token.

Use this helper for CSRF protection without the overhead of creating a form.

Check the token in your action using the same token ID.

$csrfProvider = $this->get('security.csrf.tokengenerator'); if (!$csrfProvider->isCsrfTokenValid('rmuser_'.$user->getId(), $token)) { throw new \RuntimeException('CSRF attack detected.'); }

Parameters

string $tokenId The ID of the CSRF token

Return Value

string A CSRF token
doc_Symfony
2016-10-28 06:19:11
Comments
Leave a Comment

Please login to continue.