/**
* Returns a CSRF token.
*
* Use this helper for CSRF protection without the overhead of creating a
* form.
*
* <code>
* echo $view['form']->csrfToken('rm_user_'.$user->getId());
* </code>
*
* Check the token in your action using the same intention.
*
* <code>
* $csrfProvider = $this->get('security.csrf.token_generator');
* if (!$csrfProvider->isCsrfTokenValid('rm_user_'.$user->getId(), $token)) {
* throw new \RuntimeException('CSRF attack detected.');
* }
* </code>
*
* @param string $intention The intention of the protected action
*
* @return string A CSRF token
*
* @throws \BadMethodCallException When no CSRF provider was injected in the constructor.
*/
public function csrfToken($intention)
{
return $this->renderer->renderCsrfToken($intention);
}
/**
* Returns a CSRF token.
*
* Use this helper for CSRF protection without the overhead of creating a
* form.
*
* <code>
* echo $view['form']->csrfToken('rm_user_'.$user->getId());
* </code>
*
* Check the token in your action using the same CSRF token id.
*
* <code>
* $csrfProvider = $this->get('security.csrf.token_generator');
* if (!$csrfProvider->isCsrfTokenValid('rm_user_'.$user->getId(), $token)) {
* throw new \RuntimeException('CSRF attack detected.');
* }
* </code>
*
* @param string $tokenId The CSRF token id of the protected action
*
* @return string A CSRF token
*
* @throws \BadMethodCallException When no CSRF provider was injected in the constructor.
*/
public function csrfToken($tokenId)
{
return $this->renderer->renderCsrfToken($tokenId);
}
