On Apr 8, 5:55 pm, "Thomas Rabaix" <[EMAIL PROTECTED]> wrote: > in yml # symbol is used to comment text .... :)
Yeah, I love that symbol :-D I just wasn't sure if it's meaning were the same if it came in two pairs wrapped around a ##value## Unfortunately that means the problem isn't solved yet... The code generated by your example is the following: <input type="hidden" name="$module_name$[_csrf_token]" id="$module_name $__csrf_token" /> Any thoughts..? Thanks, Marijn > > csrf_secret: my super token > > Thomas > > On Tue, Apr 8, 2008 at 5:44 PM, Marijn <[EMAIL PROTECTED]> wrote: > > > Hi Thomas, > > > Thanks for your quick reply. > > > in my view there was the following line of code for my csrf_token: > > <?php echo $form['_csrf_token'] ?> > > > If I use that or the code you gave me the hidden input tag is created > > but it has no value assigned to it. > > > Should the scfr_secret value in my config be wrapped in hash signs or > > can I just use some arbitrary string..? > > > Thanks, > > > Marijn > > > On Apr 8, 5:18 pm, "Thomas Rabaix" <[EMAIL PROTECTED]> wrote: > > > I am not 100% sure about that but you sould add a csrf secret in your > > > settings.yml > > > > all: > > > .settings: > > > # Form security secret (CSRF protection) > > > csrf_secret: ##CSRF_SECRET## # Unique secret to enable > > > CSRF protection or false to disable > > > > In the view, check that field csrf is present, if not add > > > > <?= $form[$form->getCSRFFieldName()]->render() ?> > > > > Thomas > > > > On Tue, Apr 8, 2008 at 5:10 PM, Marijn <[EMAIL PROTECTED]> wrote: > > > > > Hi everybody, > > > > > I am having trouble finding documentation about csrf support in > > > > symfony 1.1. When I generate crud actions for a Model and try to > > > > populate it with data by using the create web interface it says that > > > > csrf_token is required. > > > > > Anybody here who knows this problem or who can tell me what I am doing > > > > wrong? I haven't changed a thing after generating the crud actions. > > > > > Thanks, > > > > > Marijn --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---