Skip to content

[Security] Add usage example for #[IsCsrfTokenValid attribute on controller classes #20975

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 22, 2025
Merged

[Security] Add usage example for #[IsCsrfTokenValid attribute on controller classes #20975

merged 1 commit into from
May 22, 2025
+14 −0

Conversation

santysisi
Copy link
Contributor

This PR updates the documentation to demonstrate how the IsCsrfTokenValid attribute can be applied directly to a controller class.

By applying this attribute at the class level, CSRF token validation will be automatically executed for all routes defined within the controller, ensuring consistent security across all actions without needing to annotate each method individually.

The example includes the appropriate use statements and a sample controller implementation for clarity.

@carsonbot carsonbot added this to the 7.3 milestone May 18, 2025
@javiereguiluz javiereguiluz modified the milestones: 7.3, 7.2 May 22, 2025
@javiereguiluz javiereguiluz changed the base branch from 7.3 to 7.2 May 22, 2025 15:42
@javiereguiluz javiereguiluz requested a review from xabbuh as a code owner May 22, 2025 15:42
@javiereguiluz javiereguiluz force-pushed the iscsrftokenvalid-controller-usage branch from 76c0473 to f97b8d5 Compare May 22, 2025 15:42
@OskarStark OskarStark changed the title [Security] Add usage example for IsCsrfTokenValid attribute on controller classes [Security] Add usage example for #[IsCsrfTokenValid attribute on controller classes May 22, 2025
@javiereguiluz javiereguiluz merged commit 9032cf6 into symfony:7.2 May 22, 2025
3 checks passed
@javiereguiluz
Copy link
Member

I like this. Merged! (in 7.2 and 7.3 branches). Thanks Santiago!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xabbuh xabbuh Awaiting requested review from xabbuh

Assignees
No one assigned
Labels
Security Status: Reviewed
Projects
None yet
Milestone
7.2
Development

Successfully merging this pull request may close these issues.
3 participants
@santysisi @javiereguiluz @carsonbot