Download the PHP package dkplus/csrf-api-unprotection-bundle without Composer
On this page you can find all versions of the php package dkplus/csrf-api-unprotection-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download dkplus/csrf-api-unprotection-bundle
More information about dkplus/csrf-api-unprotection-bundle
Files in dkplus/csrf-api-unprotection-bundle
Package csrf-api-unprotection-bundle
Short Description Disables the CSRF-token validation for all urls that matches a given expression.
License MIT
Informations about the package csrf-api-unprotection-bundle
CSRF API Unprotection Bundle
When developing stateless REST-APIs you do not want to CSRF token validation. Fortunately FOSRest provides the ability to disable it.
The solution does not work if you do not have a ROLE for all API users.
This Bundle disables the CSRF token validation based upon the URL of the request.
So if your API has a global prefix like /api/
you can disable the CSRF token validation for all your API forms.
Installation
Step 1: Download the Bundle
Installation of this Bundle uses composer. It requires you to have Composer installed globally. For composer documentation, please refer to getcomposer.org.
Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:
Step 2: Enable the Bundle within your AppKernel
Then, enable the bundle by adding the following line in the app/AppKernel.php
file of your project:
That's everything you need :-)
Configuration
The default configuration disables the CSRF token validation for all uris
that begins with /api/
regardless which environment you are using.
All versions of csrf-api-unprotection-bundle with dependencies
symfony/config Version ^2.8|^3|^4
symfony/dependency-injection Version ^2.8|^3|^4
symfony/form Version ^2.8|^3|^4
symfony/http-foundation Version ^2.8|^3|^4
symfony/http-kernel Version ^2.8|^3|^4
beberlei/assert Version ^2||^3