Huum, form_tag doesn't aim to create the form, or render CSRF fields, just ouput the <form ....> tag, add attributes if you are using files, method = POST...
But nothing more than <form ...> Creation of the form must be done in controller. And in controller, you are OK to add CSRF 2009/11/30 Tommy <[email protected]> > Thanks for your reply. > I am using csrf_secret already. I used link_to() together with > $request->checkCSRFProtection(); And it works fine. > > My question is that how to use checkCSRFProtection with a form created > by form_tag() function. > The form doesn't have _csrf_token, so the outcome is Internal Server > Error when i submit the form. > > Thanks in advance. > > > On Nov 28, 8:35 am, Alexandre SALOME <[email protected]> > wrote: > > Enable it in your settings.yml (see > > documentation< > http://www.symfony-project.org/reference/1_4/fr/04-Settings#chapter_0...> > > ) > > > > 2009/11/27 Tommy <[email protected]> > > > > > > > > > Hello, > > > can i enable CSRF protection using form_tag ?? > > > If it is not possible...Is there a way to create a sfForm using > > > CSRF protection??? > > > btw, link_to with method = post CSRF protection works perfectly. I > > > am using symfony 1.3. > > > Thanks! > > > > > -- > > > > > You received this message because you are subscribed to the Google > Groups > > > "symfony users" group. > > > To post to this group, send email to [email protected]. > > > To unsubscribe from this group, send email to > > > [email protected]<symfony-users%[email protected]> > <symfony-users%[email protected]<symfony-users%[email protected]> > > > > > . > > > For more options, visit this group at > > >http://groups.google.com/group/symfony-users?hl=en. > > > > -- > > Alexandre Salomé -- [email protected] > > -- > > You received this message because you are subscribed to the Google Groups > "symfony users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<symfony-users%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en. > > > -- Alexandre Salomé -- [email protected] -- You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.
