Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Clarify configuration options for CsrfProtectionMiddleware
Refs #12294
  • Loading branch information
markstory committed Jun 27, 2018
1 parent 87365d6 commit f8fb7b6
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions src/Http/Middleware/CsrfProtectionMiddleware.php
Expand Up @@ -40,11 +40,12 @@ class CsrfProtectionMiddleware
/**
* Default config for the CSRF handling.
*
* - `cookieName` = The name of the cookie to send.
* - `expiry` = How long the CSRF token should last. Defaults to browser session.
* - `secure` = Whether or not the cookie will be set with the Secure flag. Defaults to false.
* - `httpOnly` = Whether or not the cookie will be set with the HttpOnly flag. Defaults to false.
* - `field` = The form field to check. Changing this will also require configuring
* - `cookieName` The name of the cookie to send.
* - `expiry` A strotime compatible value of how long the CSRF token should last.
* Defaults to browser session.
* - `secure` Whether or not the cookie will be set with the Secure flag. Defaults to false.
* - `httpOnly` Whether or not the cookie will be set with the HttpOnly flag. Defaults to false.
* - `field` The form field to check. Changing this will also require configuring
* FormHelper.
*
* @var array
Expand Down

0 comments on commit f8fb7b6

Please sign in to comment.