-
Notifications
You must be signed in to change notification settings - Fork 89
initialising csrf protector with parameters for different behaviors
minhaz edited this page Aug 14, 2014
·
2 revisions
init function in csrfprotector class accepts parameters that allow developers to override default configurations (as those in files). csrfprotector::init looks like
public static function init($length = null, $action = null) {
/* ... */
}The parameter $length shall be used to set custom length for token_length for that page.
The parameter $action (array) shall be used to set custom action for failed validation for that page.
include_once __DIR__ ."/libs/csrf/csrfprotector.php";
csrfprotector::init(25);The above example, makes sure the length of csrf_token is 25 charecters
include_once __DIR__ ."/libs/csrf/csrfprotector.php";
csrfprotector::init(25, array(0,2));The above example, makes sure the length of csrf_token is 25 charecters & default action taken is strip in case of failed validation for GET request & forbidden for POST request
PS: wiki still under development. Please create a Github issue for any correction.