I have a question regarding
symfony/form using as a standalone component and
security-csrf running with PHP build-in server. I hardly remember having such issue with the Symfony framework.
symfony/form as a standalone component I tried this code for both v4.2 and v5.1 https://github.com/xmgcoyi/standalone-forms/tree/4.2+twig. A rewrite of webmozart’s example mentioned here https://symfony.com/doc/current/components/form.html
The csrf token is generated with twig-bridge, but when submitting the form – on calling
invalid csrf error appears.
By default csrf protection is enabled, setting to
false – the form submits.
Tried CSRF component with both setups with
SessionTokenStorage + Session of HttpFoundation.
Could you give any hint on what I’m doing wrong and where to look at?
Code samples with csrf error on submission:
The apps above work well, the problem was in browser storage filled with garbage.
$formFactory->createBuilder(FormType::class, null, ['csrf_protection' => false]) submits the form
Source: Symfony Questions
Was this helpful?
0 / 0