diff --git a/book/controller.rst b/book/controller.rst
index fbfb0702f3f..0ec4a592693 100644
--- a/book/controller.rst
+++ b/book/controller.rst
@@ -440,7 +440,7 @@ If you want to redirect the user to another page, use the ``redirectToRoute()``
}
.. versionadded:: 2.6
- The ``redirectToRoute()`` method was added in Symfony 2.6. Previously (and still now), you
+ The ``redirectToRoute()`` method was introduced in Symfony 2.6. Previously (and still now), you
could use ``redirect()`` and ``generateUrl()`` together for this (see the example above).
Or, if you want to redirect externally, just use ``redirect()`` and pass it the URL::
@@ -811,6 +811,29 @@ Just like when creating a controller for a route, the order of the arguments of
order of the arguments, Symfony will still pass the correct value to each
variable.
+Validating a CSRF Token
+-----------------------
+
+Sometimes, you want to use CSRF protection in an action where you don't want to
+use the Symfony Form component. If, for example, you're doing a DELETE action,
+you can use the :method:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller::isCsrfTokenValid`
+method to check the CSRF token::
+
+ if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
+ // ... do something, like deleting an object
+ }
+
+.. versionadded:: 2.6
+ The ``isCsrfTokenValid()`` shortcut method was introduced in Symfony 2.6.
+ It is equivalent to executing the following code:
+
+ .. code-block:: php
+
+ use Symfony\Component\Security\Csrf\CsrfToken;
+
+ $this->get('security.csrf.token_manager')
+ ->isTokenValid(new CsrfToken('token_id', 'TOKEN'));
+
Final Thoughts
--------------
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy