public function onKernalResponse(\Event $event) { $response = $event->getResponse(); if ($response instanceof \Response || $response instanceof \RedirectResponse || $response instanceof \JsonResponse) { $response->send(); } \EventDispatcher::dispatch(KernalEvent::HTTPFINISH, new HttpEvent($event->getRequest(), $response)); }
public function onKernalRequest(\Event $event) { $request = $event->getRequest(); if (strtoupper($request->getMethod()) == "POST" && \Config::get("session::csrf_check")) { if (!$request->request->get('csrf_token')) { throw new \Exception("缺少csrf_token参数!", 1); } $csrfProvider = new CsrfSessionService(); if (!$csrfProvider->isCsrfTokenValid($request->request->get('csrf_token'))) { throw new \Exception("csrf_token参数验证失败!", 1); } } }