Skip to content
Permalink
Browse files

Clarify configuration options for CsrfProtectionMiddleware

Refs #12294
  • Loading branch information...
markstory committed Jun 27, 2018
1 parent 87365d6 commit f8fb7b61caae901d812a1eefd0555a83924ae076
Showing with 6 additions and 5 deletions.
  1. +6 −5 src/Http/Middleware/CsrfProtectionMiddleware.php
@@ -40,11 +40,12 @@ class CsrfProtectionMiddleware
/**
* Default config for the CSRF handling.
*
* - `cookieName` = The name of the cookie to send.
* - `expiry` = How long the CSRF token should last. Defaults to browser session.
* - `secure` = Whether or not the cookie will be set with the Secure flag. Defaults to false.
* - `httpOnly` = Whether or not the cookie will be set with the HttpOnly flag. Defaults to false.
* - `field` = The form field to check. Changing this will also require configuring
* - `cookieName` The name of the cookie to send.
* - `expiry` A strotime compatible value of how long the CSRF token should last.
* Defaults to browser session.
* - `secure` Whether or not the cookie will be set with the Secure flag. Defaults to false.
* - `httpOnly` Whether or not the cookie will be set with the HttpOnly flag. Defaults to false.
* - `field` The form field to check. Changing this will also require configuring
* FormHelper.
*
* @var array

0 comments on commit f8fb7b6

Please sign in to comment.
You can’t perform that action at this time.