doc: add notes about CSRF and Form requirements (#98)

zenstruck · Sep 27, 2024 · 79df644 · 79df644
1 parent 2700e1c
commit 79df644
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -201,6 +201,13 @@ bin/console messenger:monitor:schedule:purge --remove-orphans
 
 ## User Interface
 
+> [!NOTE]
+> `symfony/form` (`composer require symfony/form`) is required for the UI.
+
+> [!NOTE]
+> If using `symfony/scheduler` and the UI, `symfony/security-csrf` (`composer require symfony/security-csrf`) is required.
+> CSRF protection and sessions must also be enabled in your `config/packages/framework.yaml`.
+
 > [!NOTE]
 > [Storage](#storage) must be configured for this feature.
 

diff --git a/composer.json b/composer.json
@@ -41,7 +41,9 @@
     "suggest": {
         "knplabs/knp-time-bundle": "For human readable timestamps and durations on your dashboard.",
         "lorisleiva/cron-translator": "For human readable cron expressions on your dashboard.",
-        "symfony/ux-live-component": "For Live Components"
+        "symfony/ux-live-component": "For Live Components",
+        "symfony/form": "For the UI",
+        "symfony/security-csrf": "For CSRF token used in UI Ajax calls"
     },
     "config": {
         "preferred-install": "dist",