/** * Construct * * @param CsrfProviderInterface $defaultCsrfProvider * @param bool $defaultEnabled * @param string $defaultFieldName * @param TranslatorInterface $translator * @param null $translationDomain * @param Request $request */ public function __construct(CsrfProviderInterface $defaultCsrfProvider, $defaultEnabled = true, $defaultFieldName = '_token', TranslatorInterface $translator = null, $translationDomain = null, Request $request = null) { // Check if we have a valid CSRF Token from RestFormCsrfSubscriber, if so turn off CSRF protection by default // This allows controllers to force their own CSRF protection for forms that require extra security. if ($request->getMethod() != 'GET' && $request->attributes->has('_rest_csrf_valid') && $request->attributes->get('_rest_csrf_valid') == true) { $defaultEnabled = false; } parent::__construct($defaultCsrfProvider, $defaultEnabled, $defaultFieldName, $translator, $translationDomain); }
public function __construct(CsrfTokenManagerInterface $defaultTokenManager, $defaultEnabled = true, $defaultFieldName = '_token', TranslatorInterface $translator = null, $translationDomain = null) { parent::__construct($defaultTokenManager, $defaultEnabled, $defaultFieldName, $translator, $translationDomain); }