/**
  * Boots the Bundle.
  */
 public function boot()
 {
     if ($this->container->has('error_handler')) {
         $this->container->get('error_handler');
     }
     if ($this->container->hasParameter('csrf_secret')) {
         FormConfiguration::addDefaultCsrfSecret($this->container->getParameter('csrf_secret'));
         FormConfiguration::enableDefaultCsrfProtection();
     }
     $container = $this->container;
     // the session ID should always be included in the CSRF token, even
     // if default CSRF protection is not enabled
     FormConfiguration::addDefaultCsrfSecret(function () use($container) {
         // automatically starts the session when the CSRF token is
         // generated
         $container->get('session')->start();
         return $container->get('session')->getId();
     });
 }
Exemple #2
0
 public function testDefaultCsrfSecretsCanBeAddedAsClosures()
 {
     FormConfiguration::addDefaultCsrfSecret(function () {
         return 'foobar';
     });
     $form = new Form('author', new Author(), $this->validator);
     $form->enableCsrfProtection('_token', 'secret');
     $this->assertEquals(md5('secret' . get_class($form) . 'foobar'), $form['_token']->getData());
 }