web\Request $enableCsrfCookie

$enableCsrfCookie public property Whether to use cookie to persist CSRF token. If false, CSRF token will be stored in session under the name of $csrfParam. Note that while storing CSRF tokens in session increases security, it requires starting a session for every page, which will degrade your site performance. public boolean $enableCsrfCookie = true

web\Request $enableCsrfValidation

$enableCsrfValidation public property Whether to enable CSRF (Cross-Site Request Forgery) validation. Defaults to true. When CSRF validation is enabled, forms submitted to an Yii Web application must be originated from the same application. If not, a 400 HTTP exception will be raised. Note, this feature requires that the user client accepts cookie. Also, to use this feature, forms submitted via POST method must contain a hidden input whose name is specified by $csrfParam. You may use yii\he

web\Request $csrfToken

$csrfToken public read-only property The token used to perform CSRF validation. public string getCsrfToken ( $regenerate = false )

web\Request $csrfTokenFromHeader

$csrfTokenFromHeader public read-only property The CSRF token sent via CSRF_HEADER by browser. Null is returned if no such header is sent. public string getCsrfTokenFromHeader ( )

web\Request $csrfParam

$csrfParam public property The name of the token used to prevent CSRF. Defaults to '_csrf'. This property is used only when $enableCsrfValidation is true. public string $csrfParam = '_csrf'

web\Request $csrfCookie

$csrfCookie public property The configuration for creating the CSRF cookie. This property is used only when both $enableCsrfValidation and $enableCsrfCookie are true. public array $csrfCookie = ['httpOnly' => true]

web\Request $cookieValidationKey

$cookieValidationKey public property A secret key used for cookie validation. This property must be set if $enableCookieValidation is true. public string $cookieValidationKey = null

web\Request $cookies

$cookies public read-only property The cookie collection. public yii\web\CookieCollection getCookies ( )

web\Request $contentType

$contentType public read-only property Request content-type. Null is returned if this information is not available. public string getContentType ( )

web\Request $bodyParams

$bodyParams public property The request parameters given in the request body. public array getBodyParams ( )public void setBodyParams ( $values )