Download the PHP package secit-pl/advanced-form-token-bundle without Composer
On this page you can find all versions of the php package secit-pl/advanced-form-token-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download secit-pl/advanced-form-token-bundle
More information about secit-pl/advanced-form-token-bundle
Files in secit-pl/advanced-form-token-bundle
Package advanced-form-token-bundle
Short Description Advanced implementation of the Symfony form token.
License MIT
Homepage http://secit.pl
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package advanced-form-token-bundle
Advanced Symfony Form Token
This bundle provides the advanced form token implementation for Symfony 2.8 and 3.0+.
Features
- JavaScript version of the core form token
- JavaScript code obfuscation (requires external libraries)
Installation
From the command line run
Update your AppKernel by adding the bundle declaration
Usage
By default this bundle is disabled for all forms. You can enable it globally or for a single form.
Simgle form usage
To enable the JavaScript token just add the javascript_csrf_protection to the form defaults.
Here is the list of possible options used by JavaScript form token. Most of them works the same like the native Symfony form token options.
javascript_csrf_protection - default: false - is JavaScript form token enabled?
javascript_csrf_field_name - deafult: _jstoken - the token form field name
javascript_csrf_message - The error message displayed if the form token is invalid
javascript_csrf_javascript_obfuscator' - deafult: null - The obfuscator class used to obfuscate generated token JavaScript code
Global configuration
config.yml
JavaScript obfuscator
By default generated JavaScript code is not obfuscated. To enable it you need to define the obfuscator class which should
be used for this operation. This class should implements the SecIT\AdvancedFormTokenBundle\JavaScript\ObfuscatorInterface.
Current version provides one ready to use obfuscator SecIT\AdvancedFormTokenBundle\JavaScript\TholuPhpPackerObfuscator which
requires that you have already installed the https://github.com/tholu/php-packer. This package in not installed by default
due to the fact that it uses the LGPL-2.1 license thich is not fully compatible with MIT license used by this bundle.
To enable the obfuscator for a single form set the javascript_csrf_javascript_obfuscator option to the SecIT\AdvancedFormTokenBundle\JavaScript\TholuPhpPackerObfuscator value.
In most cases you'd like to have obfuscator enabled for all JavaScript token forms so the best way will be to set it up
globally in your config.yml:
From now TholuPhpPackerObfuscator will randomly obfuscate the JavaScript code generated for each form token.
All versions of advanced-form-token-bundle with dependencies
symfony/framework-bundle Version ~2.8|~3.0|~4.0
symfony/dependency-injection Version ~2.8|~3.0|~4.0