Support CSRF protection token of Symfony's form component #2132

stollr · 2023-09-12T08:25:03Z

This PR adds support of the CSRF protection token which is created by the Symfony form component if the csrf_protection option is enabled.

As soon as this option is enabled a corresponding property will be added to the schema.

This PR addresses #2120.

There already was another PR (#411) some years ago, but it wasn't merged. I'd be happy if this could be accepted.

stollr · 2023-12-22T15:16:12Z

@GuilhemN I'd be really happy if you could have a look at this addition.

…elmio#2120)

DjordyKoert · 2024-01-09T09:26:26Z

I would also like to see a functional test for this https://github.com/nelmio/NelmioApiDocBundle/tree/master/Tests/Functional/Form 😄

…or to PHP 8.0

stollr · 2024-01-09T15:11:55Z

@DjordyKoert I have added a functional test, now.

DjordyKoert · 2024-01-09T20:59:35Z

Thank you, could you please also write a test which shows the behaviour when using configureOptions() https://symfony.com/doc/current/security/csrf.html#csrf-protection-in-symfony-forms 😄

…t loaded

stollr · 2024-01-10T13:35:58Z

@DjordyKoert I have added some edge case handling and more tests. What do you think now?

DjordyKoert · 2024-01-26T12:06:26Z

Thank you @stollr!

stollr force-pushed the form_csrf_support branch from b7e3636 to d3a4bfc Compare December 22, 2023 15:19

Support CSRF protection token of Symfony's form component (implements n…

467ef2d

…elmio#2120)

stollr force-pushed the form_csrf_support branch from d3a4bfc to 467ef2d Compare January 9, 2024 08:46

stollr added 3 commits January 9, 2024 11:05

Made unit test of form model describer compatible to php versions pri…

36ecb17

…or to PHP 8.0

Added functional test for csrf token description in form models

eaaea92

Fixed code style in tests

6eaf3fe

stollr force-pushed the form_csrf_support branch from f97e7c4 to 6eaf3fe Compare January 9, 2024 14:38

stollr added 3 commits January 10, 2024 14:29

Handle enabled csrf_protection in form describer if form extension no…

1086add

…t loaded

Added and improved tests for csrf form token description

232023e

Fixed StyleCI issues in test controller

6f351e2

DjordyKoert added 2 commits January 26, 2024 13:00

Merge branch 'master' into fork/form_csrf_support

f029d41

update baseline

5308275

DjordyKoert merged commit b96c263 into nelmio:master Jan 26, 2024
12 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support CSRF protection token of Symfony's form component #2132

Support CSRF protection token of Symfony's form component #2132

stollr commented Sep 12, 2023 •

edited

Loading

stollr commented Dec 22, 2023

DjordyKoert commented Jan 9, 2024

stollr commented Jan 9, 2024

DjordyKoert commented Jan 9, 2024

stollr commented Jan 10, 2024

DjordyKoert commented Jan 26, 2024

Support CSRF protection token of Symfony's form component #2132

Support CSRF protection token of Symfony's form component #2132

Conversation

stollr commented Sep 12, 2023 • edited Loading

stollr commented Dec 22, 2023

DjordyKoert commented Jan 9, 2024

stollr commented Jan 9, 2024

DjordyKoert commented Jan 9, 2024

stollr commented Jan 10, 2024

DjordyKoert commented Jan 26, 2024

stollr commented Sep 12, 2023 •

edited

Loading