CsrfTokenController

Returns responses for CSRF token routes. Hierarchy class \Drupal\system\Controller\CsrfTokenController implements ContainerInjectionInterface File core/modules/system/src/Controller/CsrfTokenController.php, line 14 Namespace Drupal\system\Controller Members Name Modifiers Type Description CsrfTokenController::$tokenGenerator protected property The CSRF token generator. CsrfTokenController::create public static function Instantiates a new instance of this class. O

CsrfRequestHeaderAccessCheck::__construct

public CsrfRequestHeaderAccessCheck::__construct(SessionConfigurationInterface $session_configuration, CsrfTokenGenerator $csrf_token) Constructs a new rest CSRF access check. Parameters \Drupal\Core\Session\SessionConfigurationInterface $session_configuration: The session configuration. \Drupal\Core\Access\CsrfTokenGenerator $csrf_token: The token generator. File core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php, line 42 Class CsrfRequestHeaderAccessCheck Access protection aga

CsrfRequestHeaderAccessCheck::TOKEN_KEY

A string key that will used to designate the token used by this class. File core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php, line 18 Class CsrfRequestHeaderAccessCheck Access protection against CSRF attacks. Namespace Drupal\Core\Access Code const TOKEN_KEY = 'X-CSRF-Token request header';

CsrfRequestHeaderAccessCheck::applies

public CsrfRequestHeaderAccessCheck::applies(Route $route) Declares whether the access check applies to a specific route or not. Parameters \Symfony\Component\Routing\Route $route: The route to consider attaching to. Return value array An array of route requirement keys this access checker applies to. Overrides AccessCheckInterface::applies File core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php, line 50 Class CsrfRequestHeaderAccessCheck Access protection against CSRF attacks.

CsrfRequestHeaderAccessCheck::access

public CsrfRequestHeaderAccessCheck::access(Request $request, AccountInterface $account) Checks access. Parameters \Symfony\Component\HttpFoundation\Request $request: The request object. \Drupal\Core\Session\AccountInterface $account: The currently logged in account. Return value \Drupal\Core\Access\AccessResultInterface The access result. File core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php, line 89 Class CsrfRequestHeaderAccessCheck Access protection against CSRF attacks.

CsrfRequestHeaderAccessCheck::$sessionConfiguration

The session configuration. Type: \Drupal\Core\Session\SessionConfigurationInterface File core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php, line 25 Class CsrfRequestHeaderAccessCheck Access protection against CSRF attacks. Namespace Drupal\Core\Access Code protected $sessionConfiguration;

CsrfRequestHeaderAccessCheck::$csrfToken

The token generator. Type: \Drupal\Core\Access\CsrfTokenGenerator File core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php, line 32 Class CsrfRequestHeaderAccessCheck Access protection against CSRF attacks. Namespace Drupal\Core\Access Code protected $csrfToken;

CsrfRequestHeaderAccessCheck

Access protection against CSRF attacks. Hierarchy class \Drupal\Core\Access\CsrfRequestHeaderAccessCheck implements AccessCheckInterface File core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php, line 13 Namespace Drupal\Core\Access Members Name Modifiers Type Description CsrfRequestHeaderAccessCheck::$csrfToken protected property The token generator. CsrfRequestHeaderAccessCheck::$sessionConfiguration protected property The session configuration. CsrfR

Crypt::randomBytesBase64

public static Crypt::randomBytesBase64($count = 32) Returns a URL-safe, base64 encoded string of highly randomized bytes. Parameters $count: The number of random bytes to fetch and base64 encode. Return value string The base64 encoded result will have a length of up to 4 * $count. See also \Drupal\Component\Utility\Crypt::randomBytes() File core/lib/Drupal/Component/Utility/Crypt.php, line 130 Class Crypt Utility class for cryptographically-secure string handling routines. Namespace

Crypt::randomBytes

public static Crypt::randomBytes($count) Returns a string of highly randomized bytes (over the full 8-bit range). This function is better than simply calling mt_rand() or any other built-in PHP function because it can return a long string of bytes (compared to < 4 bytes normally from mt_rand()) and uses the best available pseudo-random source. In PHP 7 and up, this uses the built-in PHP function random_bytes(). In older PHP versions, this uses the random_bytes() function provided by the rand