Fixed CSRF check in controller · symfony/symfony-docs@ee481e9 · GitHub

Commit ee481e9

Fixed CSRF check in controller
1 parent 04562c0 commit ee481e9

@@ -9,9 +9,11 @@ want to use the Symfony Form component. If, for example, you are implementing
99
a DELETE action, you can use the :method:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller::isCsrfTokenValid`
1010
method to check the validity of a CSRF token::
1111

12-
public function deleteAction()
12+
use Symfony\Component\HttpFoundation\Request;
13+
14+
public function deleteAction(Request $request)
1315
{
14-
if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
16+
if ($this->isCsrfTokenValid('token_id', $request->request->get('token_param'))) {
1517
// ... do something, like deleting an object
1618
}
1719
}
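
Review bot: On the new `if` line, `token_id` and `token_param` are both unexplained placeholders, and the context text above only says the method checks "the validity of a CSRF token". Add a sentence stating that `token_param` is the name of the submitted field carrying the token and that `token_id` must be the same id the token was generated with, otherwise readers will copy the literals and the check will always fail. Since `$request->request->get('token_param')` reads only request body parameters, it is also worth saying the token has to be sent in the body, not the query string. Separately, the added `use Symfony\Component\HttpFoundation\Request;` sits directly above the method with no class or namespace context, so it can be read as belonging inside the class body, where `use` imports a trait; a `// ...` line or a short class wrapper between the import and `deleteAction` would avoid that. The example also still shows only the valid-token branch, so consider showing the request being rejected when the check returns false.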