Download the PHP package enumag/csrf-route-bundle without Composer
On this page you can find all versions of the php package enumag/csrf-route-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download enumag/csrf-route-bundle
More information about enumag/csrf-route-bundle
Files in enumag/csrf-route-bundle
Package csrf-route-bundle
Short Description Symfony bundle which provides a simple way to add CSRF tokens to routes
License MIT
Homepage https://github.com/Genedys/csrf-route-bundle
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package csrf-route-bundle
GenedysCsrfRouteBundle
This Symfony3 bundle provides route annotation and options to secure routes against CSRF attacks and without using forms.
Installation
Use Composer to install the bundle:
composer require genedys/csrf-route-bundle
or add the following line in your composer.json file:
Then, register the bundle in your application's bundles.php file:
Configuration
Configuration reference :
- enabled : Enable or disable the token verification (default:
true); - field_name : The name of the field appended to route URLs (default:
_token).
Usage
The only thing to do to use this package is to add some configurations to the routes you want to protect.
The bundle adds a router which can append a token query parameter on route generation and a controller listener validate which validates token on called routes.
Options configuration
The bundle checks controller calls and search for a csrf_token option. The available parameters for this options are:
token: The token parameter name (by default_token)intention: The token intention. Different intentions generate different tokens (by defaultnullwhich results to the route name).methods: The HTTP method(s) when the CSRF token is validated (by defaultGET).
You can also only specify the csrf_token option to true to use default parameters.
Annotation configuration
If you use annotations to configurate your routes, then the easiest way it to add an additionnal annotation to the sensible actions:
Twig integration
As the bundle provides a custom router, CSRF tokens are automatically appended to url generated with path(...) and url(...) on Twig templates.
Routers compatibility
This bundle overrides the default Symfony router. In case you use other bundles which does the same thing (for instance JMSI18nRoutingBundle), the router integrated on this bundle works automatically as an adapter on previously configurated router. The only thing to take care is to register the GenedysCsrfRouterBundle after the bundle which overrides the router.
Credits
Created by Fabien Antoine for Genedys.
License
This bundle is under the MIT license.
All versions of csrf-route-bundle with dependencies
symfony/framework-bundle Version ^3.3|^4.0
symfony/security-csrf Version ^3.3|^4.0