CsrfFilter
extends Filter
in package
CSRF protection filter.
Validates CSRF tokens on POST, PUT, DELETE requests to prevent Cross-Site Request Forgery attacks.
Table of Contents
Properties
- $_csrfToken : CsrfToken
- $_exemptMethods : array<int, string>
Methods
- __construct() : mixed
- post() : mixed|null
- pre() : mixed|null
- validateCsrfToken() : void
- Validate CSRF token
- getTokenFromRequest() : string|null
- Get CSRF token from request
Properties
$_csrfToken
private
CsrfToken
$_csrfToken
$_exemptMethods
private
array<int, string>
$_exemptMethods
= ['GET', 'HEAD', 'OPTIONS']
Methods
__construct()
public
__construct(CsrfToken $csrfToken) : mixed
Parameters
- $csrfToken : CsrfToken
post()
public
post(RouteMap $route) : mixed|null
Parameters
- $route : RouteMap
Return values
mixed|nullpre()
public
pre(RouteMap $route) : mixed|null
Parameters
- $route : RouteMap
Return values
mixed|nullvalidateCsrfToken()
Validate CSRF token
protected
validateCsrfToken(RouteMap $route) : void
Parameters
- $route : RouteMap
Tags
getTokenFromRequest()
Get CSRF token from request
private
getTokenFromRequest() : string|null