Exemplo n.º 1
0
 /**
  * Checks for the CSRF token and throws 401 exception if invalid.
  *
  * @param  $event
  * @throws UnauthorizedException
  */
 public function onRequest($event, $request)
 {
     $this->provider->setToken($request->get('_csrf', $request->headers->get('X-XSRF-TOKEN')));
     if ($request->attributes->get('_request[csrf]', false, true) && !$this->provider->validate()) {
         throw new CsrfException('Invalid CSRF token.');
     }
 }
Exemplo n.º 2
0
 /**
  * Checks for the CSRF token and throws 401 exception if invalid.
  *
  * @param  $event
  * @throws UnauthorizedException
  */
 public function onRequest($event, $request)
 {
     $this->provider->setToken($request->get('_csrf', $request->headers->get('X-XSRF-TOKEN')));
     $attributes = $request->attributes->get('_request', []);
     if (isset($attributes['csrf']) && !$this->provider->validate()) {
         throw new CsrfException('Invalid CSRF token.');
     }
 }