8000 Merge branches by xabbuh · Pull Request #5816 · symfony/symfony-docs · GitHub
[go: up one dir, main page]

Skip to content

Merge branches #5816

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Nov 5, 2015
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 24 additions & 1 deletion book/controller.rst
Original file line number Diff line number Diff line change
Expand Up @@ -440,7 +440,7 @@ If you want to redirect the user to another page, use the ``redirectToRoute()``
}

.. versionadded:: 2.6
The ``redirectToRoute()`` method was added in Symfony 2.6. Previously (and still now), you
The ``redirectToRoute()`` method was introduced in Symfony 2.6. Previously (and still now), you
could use ``redirect()`` and ``generateUrl()`` together for this (see the example above).

Or, if you want to redirect externally, just use ``redirect()`` and pass it the URL::
Expand Down Expand Up @@ -811,6 +811,29 @@ Just like when creating a controller for a route, the order of the arguments of
order of the arguments, Symfony will still pass the correct value to each
variable.

Validating a CSRF Token
-----------------------

Sometimes, you want to use CSRF protection in an action where you don't want to
use the Symfony Form component. If, for example, you're doing a DELETE action,
you can use the :method:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller::isCsrfTokenValid`
method to check the CSRF token::

if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
// ... do something, like deleting an object
}

.. versionadded:: 2.6
The ``isCsrfTokenValid()`` shortcut method was introduced in Symfony 2.6.
It is equivalent to executing the following code:

.. code-block:: php

use Symfony\Component\Security\Csrf\CsrfToken;

$this->get('security.csrf.token_manager')
->isTokenValid(new CsrfToken('token_id', 'TOKEN'));

Final Thoughts
--------------

Expand Down
0