/**
* Boots the Bundle.
*/
public function boot()
{
if ($this->container->has('error_handler')) {
$this->container->get('error_handler');
}
if ($this->container->hasParameter('csrf_secret')) {
FormConfiguration::addDefaultCsrfSecret($this->container->getParameter('csrf_secret'));
FormConfiguration::enableDefaultCsrfProtection();
}
$container = $this->container;
// the session ID should always be included in the CSRF token, even
// if default CSRF protection is not enabled
FormConfiguration::addDefaultCsrfSecret(function () use($container) {
// automatically starts the session when the CSRF token is
// generated
$container->get('session')->start();
return $container->get('session')->getId();
});
}
public function testDefaultCsrfSecretsCanBeAddedAsClosures()
{
FormConfiguration::addDefaultCsrfSecret(function () {
return 'foobar';
});
$form = new Form('author', new Author(), $this->validator);
$form->enableCsrfProtection('_token', 'secret');
$this->assertEquals(md5('secret' . get_class($form) . 'foobar'), $form['_token']->getData());
}
