File tree 1 file changed +23
-1
lines changed
Filter options
1 file changed +23
-1
lines changed
Original file line number Diff line number Diff line change @@ -440,7 +440,7 @@ If you want to redirect the user to another page, use the ``redirectToRoute()``
440440 }
441441
442442.. versionadded :: 2.6
443- The ``redirectToRoute() `` method was added in Symfony 2.6. Previously (and still now), you
443+ The ``redirectToRoute() `` method was introduced in Symfony 2.6. Previously (and still now), you
444444 could use ``redirect() `` and ``generateUrl() `` together for this (see the example above).
445445
446446Or, if you want to redirect externally, just use ``redirect() `` and pass it the URL::
@@ -803,6 +803,28 @@ Just like when creating a controller for a route, the order of the arguments of
803803order of the arguments, Symfony will still pass the correct value to each
804804variable.
805805
806+ Validating a CSRF Token
807+ -----------------------
808+
809+ Sometimes you want to use CSRF protection in an action where you don't want to use the
810+ Symfony Form component.
811+
812+ If, for example, you're doing a DELETE action, you can use the
813+ :method: `Symfony\\ Bundle\\ FrameworkBundle\\ Controller\\ Controller::isCsrfTokenValid `
814+ method to check the CSRF token::
815+
816+ if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
817+ // ... do something, like deleting an object
818+ }
819+
820+ .. versionadded :: 2.6
821+ The ``isCsrfTokenValid() `` shortcut method was introduced in Symfony 2.6.
822+ It is equivalent to executing the following code::
823+
824+ use Symfony\C omponent\S ecurity\C srf\C srfToken;
825+
826+ $this->get('security.csrf.token_manager')->isTokenValid(new CsrfToken('token_id', 'TOKEN'));
827+
806828Final Thoughts
807829--------------
808830
You can’t perform that action at this time.
0 commit comments