Returns the current CSRF protection token. A new one is created when needed, depending on the configured CSRF
protection strategy.
public getCsrfProtectionToken ( ) : string | ||
return | string |
/** * Render the a hidden field with a CSRF token * * @return string the CSRF token field */ protected function renderCsrfTokenField() { if (strtolower($this->arguments['method']) === 'get') { return ''; } if (!$this->securityContext->isInitialized() || !$this->authenticationManager->isAuthenticated()) { return ''; } $csrfToken = $this->securityContext->getCsrfProtectionToken(); return '<input type="hidden" name="__csrfToken" value="' . htmlspecialchars($csrfToken) . '" />' . chr(10); }
/** * @return string */ public function render() { return $this->securityContext->getCsrfProtectionToken(); }