Returns the current CSRF protection token. A new one is created when needed, depending on the configured CSRF
protection strategy.
| public getCsrfProtectionToken ( ) : string | ||
| return | string | |
/**
* Render the a hidden field with a CSRF token
*
* @return string the CSRF token field
*/
protected function renderCsrfTokenField()
{
if (strtolower($this->arguments['method']) === 'get') {
return '';
}
if (!$this->securityContext->isInitialized() || !$this->authenticationManager->isAuthenticated()) {
return '';
}
$csrfToken = $this->securityContext->getCsrfProtectionToken();
return '<input type="hidden" name="__csrfToken" value="' . htmlspecialchars($csrfToken) . '" />' . chr(10);
}
/**
* @return string
*/
public function render()
{
return $this->securityContext->getCsrfProtectionToken();
}
