English spoken conference
Talks Workshops Register
Front cover of the Symfony 5: The Fast Track book

Symfony 5: The Fast Track

A new book to learn about developing modern Symfony 5 applications.

Support this project

  1. Home
  2. Documentation
  3. Controller
  4. How to Manually Validate a CSRF Token in a Controller

How to Manually Validate a CSRF Token in a Controller

3.4 version
Unmaintained
2.7 2.8 3.0 3.1 3.2 3.3
edit this page

How to Manually Validate a CSRF Token in a ControllerΒΆ

Sometimes, you want to use CSRF protection in an action where you do not want to use the Symfony Form component. If, for example, you are implementing a DELETE action, you can use the isCsrfTokenValid() method to check the validity of a CSRF token:

1
2
3
4
5
6
public function deleteAction()
{
    if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
        // ... do something, like deleting an object
    }
}

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.