System\Traits\SecurityController

Overview

SecurityController Trait Adds cross-site scripting protection methods to a controller based class


Protected Methods

protected makeXsrfCookie()

protected makeXsrfCookie(): Symfony\Component\HttpFoundation\Cookie 

makeXsrfCookie adds anti-CSRF cookie. Adds a cookie with a token for CSRF checks to the response.

protected verifyCsrfToken()

protected verifyCsrfToken(): bool 

verifyCsrfToken checks if the request requires verification first (not GET, HEAD, OPTIONS) and then the request data / headers for a valid CSRF token. Returns false if a valid token is not found. Override this method to disable the check.

protected verifyForceSecure()

protected verifyForceSecure(): bool 

verifyForceSecure checks if the back-end should force a secure protocol (HTTPS) enabled by config.