Category : csrf

I’m just getting into the Symfony framework and trying to make a simple API call to an external source. I am not aware of what are the good practices and how to deal with this in an elegant way, so I am very thankful for any feedback. This is my Controller: namespace AppController; use AppDeutscheBankAPICaller; ..

Read more

I created some forms, and added a csrf tokens to each, like this: <input type="hidden" name="_csrf_token" value="{{ csrf_token(‘authenticate’) }}" /> I just found out, that folks use different token name for each form, and then validate them in a method of a controller, like this: <input type="hidden" name="_csrf_token" value="{{ csrf_token(‘my_form_one’) }}" />   public function ..

Read more

I have a question regarding symfony/form using as a standalone component and security-csrf running with PHP build-in server. I hardly remember having such issue with the Symfony framework. When setting symfony/form as a standalone component I tried this code for both v4.2 and v5.1 https://github.com/xmgcoyi/standalone-forms/tree/4.2+twig. A rewrite of webmozart’s example mentioned here https://symfony.com/doc/current/components/form.html The csrf ..

Read more

My form can never validate on localhost unless I deactivate my csrf field on localhost. It works perfectly fine on prod. I was thinking it could come from my config: router.request_context.host: ‘localhost:8000’ router.request_context.scheme: ‘http’ But despite my numerous tries, I can’t figure out where it’s coming from. My userType.php is fairly basic: class UserType extends ..

Read more