web\Request validateCsrfToken()

validateCsrfToken() public method

Performs the CSRF validation.

This method will validate the user-provided CSRF token by comparing it with the one stored in cookie or session. This method is mainly called in yii\web\Controller::beforeAction().

Note that the method will NOT perform CSRF validation if $enableCsrfValidation is false or the HTTP method is among GET, HEAD or OPTIONS.

public boolean validateCsrfToken ( $token = null )
$token	string	The user-provided CSRF token to be validated. If null, the token will be retrieved from the $csrfParam POST field or HTTP header. This parameter is available since version 2.0.4.
return	boolean	Whether CSRF token is valid. If $enableCsrfValidation is false, this method will return true.

Links:

http://www.yiiframework.com/doc-2.0/yii-web-request.html#validateCsrfToken()-detail

doc_Yii

2016-10-30 17:16:07

Comments

Popular Articles

web\Request getPathInfo() getPathInfo() public method Returns the path info of the currently requested URL. A path info refers to the part that is after the entry script a

web\Request $parsers $parsers public property The parsers for converting the raw HTTP request body into $bodyParams. The array keys are the request Content-Types, and

web\Request setSecurePort() setSecurePort() public method Sets the port to use for secure requests. This setter is provided in case a custom port is necessary for certain se

web\Request $enableCookieValidation $enableCookieValidation public property Whether cookies should be validated to ensure they are not tampered. Defaults to true. public boolean $e

web\Request getHeaders() getHeaders() public method Returns the header collection. The header collection contains incoming HTTP headers. public yii\web\HeaderCollection