class DefaultCsrfProvider implements CsrfProviderInterface
Default implementation of CsrfProviderInterface.
This provider uses the session ID returned by session_id() as well as a user-defined secret value to secure the CSRF token.
__construct(string $secret) Initializes the provider with a secret value. | ||
string | generateCsrfToken(string $intention) Generates a CSRF token for a page of your application. | |
bool | isCsrfTokenValid(string $intention, string $token) Validates a CSRF token. |
Initializes the provider with a secret value.
A recommended value for the secret is a generated value with at least 32 characters and mixed letters, digits and special characters.
Generates a CSRF token for a page of your application.
Validates a CSRF token.
© 2004–2016 Fabien Potencier
Licensed under the MIT License.
http://api.symfony.com/2.8/Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider.html