This also works with symfony 1.2 :) Am 11.12.2009 um 08:41 schrieb Alexandru-Emil Lupu <[email protected]>:
> if you are using sf > 1.2 then you just need to set that > csrf_secret ... > > On Fri, Dec 11, 2009 at 9:38 AM, DEEPAK BHATIA <[email protected] > > wrote: >> Hi, >> >> In the symfony guide, it is given that >> >> all: >> .settings: >> # Form security secret (CSRF protection) >> csrf_secret: false # Unique secret to enable CSRF >> protection >> or false to disable >> # Output escaping settings >> escaping_strategy: true # Determines how >> variables are >> made available to templates. Accepted values: on, off. >> escaping_method: ESC_SPECIALCHARS # Function or helper >> used for >> escaping. Accepted values: ESC_RAW, ESC_ENTITIES, ESC_JS, >> ESC_JS_NO_ENTITIES, and ESC_SPECIALCHARS. >> >> ==============Question======================================== >> >> 1. Do I need to install the CSRF plugin or I can simply set the >> csrf - >> unique secret in settings.yml ? >> >> Thanks >> >> Deepak Bhatia >> >> On Fri, Dec 11, 2009 at 12:36 PM, Alexandru-Emil Lupu <[email protected] >> > >> wrote: >>> >>> By implementing functional tests? Maybe?! >>> >>> Sent via HTC magic >>> >>> On Dec 11, 2009 8:51 AM, "DEEPAK BHATIA" <[email protected]> >>> wrote: >>> >>> Hi, >>> >>> We have a plugin to solve the problem of CSRF in Symfony. >>> >>> http://www.symfony-project.org/plugins/sfCSRFPlugin >>> >>> How can I check whether this is implemented correctly ? >>> >>> Regards >>> >>> Deepak Bhatia >>> >>> >>> -- >>> >>> You received this message because you are subscribed to the Google >>> Groups >>> "symfony users" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/symfony-users?hl=en. >>> >>> -- >>> >>> You received this message because you are subscribed to the Google >>> Groups >>> "symfony users" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/symfony-users?hl=en. >> >> -- >> >> You received this message because you are subscribed to the Google >> Groups >> "symfony users" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/symfony-users?hl=en. >> > > > > -- > Have a nice day! > Alecs > > As programmers create bigger & better idiot proof programs, so the > universe creates bigger & better idiots! > I am on web: http://www.alecslupu.ro/ > I am on twitter: http://twitter.com/alecslupu > I am on linkedIn: http://www.linkedin.com/in/alecslupu > Tel: (+4)0748.543.798 > > -- > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected] > . > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > . > > -- You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.
