Hello,
thanks for your answer.
I didnt want to use a form...
Could you tell me more about the second way you mentioned ?
Thank you
Am 31.08.2010 08:11, schrieb Benoit Montuelle:
Hello,
If you use a form to generate CSRF token, juste put a method="get" attribute in
your form opening tag.
Otherwise I think you could use a specific route with named parameter, and use
a form only to generate and validate the token.
Benoit
-----Original Message-----
From: Super-OTR.de<[email protected]>
Sent: mardi 31 août 2010 00:28
To: symfony users<[email protected]>
Subject: [symfony-users] CSRF Protection via GET
Hello,
is it possible to use the CSRF Protectionf or GET Links ? So its just
another variable /protection/xxxxxxxx .
Thanks
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
