/**
 * @inheritdoc
 *
 * Runs the CSRF token check before the action.
 *
 * The check is skipped, and true is returned, when validation is switched
 * off or when the request method is not one of $this->verbs. Every
 * state-changing method the application accepts therefore has to be listed
 * in $this->verbs, otherwise requests using it are never checked.
 *
 * On a rejected token the response status is set to 403; the method then
 * either throws or returns false, depending on $this->throwException.
 *
 * @param mixed $action not read by this implementation
 * @return bool true when the request passed or was exempt from the check,
 *              false when the token was rejected
 * @throws CSRFFilterException when the token is rejected and
 *                             $this->throwException is strictly true
 */
public function beforeAction($action)
{
    // Validation disabled: the request is let through unchecked.
    if (!$this->validate) {
        return true;
    }

    // Only the methods listed in $this->verbs are subject to the check.
    if (!$this->request->isMethods($this->verbs)) {
        return true;
    }

    // The value handed to the checker is whatever getCompare() supplies.
    $this->compare = $this->getCompare();
    if ($this->csrf->check($this->compare)) {
        return true;
    }

    // Rejected: mark the response first so the status is set on both exits.
    $this->response->setStatusCode(403, 'Invalid CSRF-token.');
    if ($this->throwException === true) {
        throw new CSRFFilterException('Invalid CSRF-token.');
    }

    return false;
}
/**
 * Tells whether the current request method is covered by the given list.
 *
 * A literal '*' entry (compared strictly) accepts any method without
 * consulting the request; otherwise the decision is delegated to
 * $this->request->isMethods().
 *
 * NOTE(review): the result for an empty list depends on isMethods(), which
 * is not visible here. Confirm it does not treat "no verbs" as a match.
 *
 * @param string[] $verbs HTTP methods to accept, or '*' for all
 * @return bool
 */
protected function hasVerbs(array $verbs)
{
    $acceptsAny = in_array('*', $verbs, true);

    return $acceptsAny ? true : $this->request->isMethods($verbs);
}
/**
 * Checks the current request method against the allowed list.
 *
 * A literal '*' entry (compared strictly) accepts any method without
 * consulting the request. When the request method is not accepted, the
 * E_VERBS bit is added to $this->errors before false is returned.
 *
 * @param string[] $httpMethods HTTP methods to accept, or '*' for all
 * @return bool true when the method is accepted, false otherwise
 */
protected function checkHttpMethods(array $httpMethods)
{
    $acceptsAny = in_array('*', $httpMethods, true);
    if ($acceptsAny || $this->request->isMethods($httpMethods)) {
        return true;
    }

    // Record the reason for the rejection alongside any errors already set.
    $this->errors |= self::E_VERBS;

    return false;
}