CsrfFilter
extends Filter
in package
CSRF protection filter.
Validates CSRF tokens on POST, PUT, DELETE requests to prevent Cross-Site Request Forgery attacks.
Table of Contents
Properties
- $_csrfToken : CsrfToken
- $_exemptMethods : array<int, string>
- $_postFn : Closure|null
- $_preFn : Closure|null
Methods
- __construct() : mixed
- post() : mixed|null
- pre() : mixed|null
- validateCsrfToken() : void
- Validate CSRF token
- getTokenFromRequest() : string|null
- Get CSRF token from request
Properties
$_csrfToken
private
CsrfToken
$_csrfToken
$_exemptMethods
private
array<int, string>
$_exemptMethods
= ['GET', 'HEAD', 'OPTIONS']
$_postFn
private
Closure|null
$_postFn
$_preFn
private
Closure|null
$_preFn
Methods
__construct()
public
__construct(CsrfToken $csrfToken) : mixed
Parameters
- $csrfToken : CsrfToken
post()
public
post(RouteMap $route) : mixed|null
Parameters
- $route : RouteMap
Return values
mixed|nullpre()
public
pre(RouteMap $route) : mixed|null
Parameters
- $route : RouteMap
Return values
mixed|nullvalidateCsrfToken()
Validate CSRF token
protected
validateCsrfToken(RouteMap $route) : void
Parameters
- $route : RouteMap
Tags
getTokenFromRequest()
Get CSRF token from request
private
getTokenFromRequest() : string|null