Source: ~/modules/system/traits/SecurityController.php

Security Controller Trait Adds cross-site scripting protection methods to a controller based class

Protected methods

protected Symfony\Component\HttpFoundation\Cookie makeXsrfCookie()

Adds anti-CSRF cookie. Adds a cookie with a token for CSRF checks to the response.

protected bool verifyCsrfToken()

Checks the request data / headers for a valid CSRF token. Returns false if a valid token is not found. Override this method to disable the check.

protected bool verifyForceSecure()

Checks if the back-end should force a secure protocol (HTTPS) enabled by config.