You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: cookbook/security/csrf_in_login_form.rst
+17-6Lines changed: 17 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -13,6 +13,10 @@ for CSRF. In this article you'll learn how you can use it in your login form.
13
13
Login CSRF attacks are a bit less well-known. See `Forging Login Requests`_
14
14
if you're curious about more details.
15
15
16
+
.. note::
17
+
18
+
Since SF 2.8 ``intention`` has been depreciated, and removed in SF 3.0. It is now labeled as ``csrf_token_id``. ``csrf_provider`` was changed in SF 3.0 to ``csrf_token_generator``.
19
+
16
20
Configuring CSRF Protection
17
21
---------------------------
18
22
@@ -33,7 +37,9 @@ provider available in the Security component:
33
37
# ...
34
38
form_login:
35
39
# ...
36
-
csrf_provider: security.csrf.token_manager
40
+
# Use csrf_provider in SF <2.8
41
+
# csrf_provider: security.csrf.token_manager
42
+
csrf_token_generator: security.csrf.token_manager
37
43
38
44
.. code-block:: xml
39
45
@@ -66,7 +72,9 @@ provider available in the Security component:
0 commit comments