Using Symfony Form component standalone with security-csrf – error on submission

I have a question regarding symfony/form using as a standalone component and security-csrf running with PHP build-in server. I hardly remember having such issue with the Symfony framework.

When setting symfony/form as a standalone component I tried this code for both v4.2 and v5.1 https://github.com/xmgcoyi/standalone-forms/tree/4.2+twig. A rewrite of webmozart’s example mentioned here https://symfony.com/doc/current/components/form.html

The csrf token is generated with twig-bridge, but when submitting the form – on calling$form->isValid()invalid csrf error appears.

By default csrf protection is enabled, setting to false – the form submits.

Tried CSRF component with both setups with NativeSessionTokenStorage and SessionTokenStorage + Session of HttpFoundation.

Could you give any hint on what I’m doing wrong and where to look at?

P.S.
Code samples with csrf error on submission:

UPD
The apps above work well, the problem was in browser storage filled with garbage.

Setting to false in $formFactory->createBuilder(FormType::class, null, ['csrf_protection' => false]) submits the form

Source: Symfony Questions

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *