SecurityController Trait Adds cross-site scripting protection methods to a controller based class

Protected methods

protected void makeXsrfCookie()

makeXsrfCookie adds anti-CSRF cookie. Adds a cookie with a token for CSRF checks to the response.

protected bool verifyCsrfToken()

verifyCsrfToken checks if the request requires verification first (not GET, HEAD, OPTIONS) and then the request data / headers for a valid CSRF token. Returns false if a valid token is not found. Override this method to disable the check.

protected bool verifyForceSecure()

verifyForceSecure checks if the back-end should force a secure protocol (HTTPS) enabled by config.