From 3a2a71447500f7776eb4af6b7e8e4b9014dc44fd Mon Sep 17 00:00:00 2001
From: Christian Flothmann <christian.flothmann@xabbuh.de>
Date: Sat, 30 Jan 2016 23:13:23 +0100
Subject: [PATCH] revert form login CSRF changes on wrong branch

---
 cookbook/security/csrf_in_login_form.rst | 14 +++++++-------
 reference/configuration/security.rst     |  4 ++--
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/cookbook/security/csrf_in_login_form.rst b/cookbook/security/csrf_in_login_form.rst
index 5eabdab0da3..1a213fb0d8c 100644
--- a/cookbook/security/csrf_in_login_form.rst
+++ b/cookbook/security/csrf_in_login_form.rst
@@ -33,7 +33,7 @@ provider available in the Security component:
                     # ...
                     form_login:
                         # ...
-                        csrf_token_generator: security.csrf.token_manager
+                        csrf_provider: security.csrf.token_manager
 
     .. code-block:: xml
 
@@ -50,7 +50,7 @@ provider available in the Security component:
 
                 <firewall name="secured_area">
                     <!-- ... -->
-                    <form-login csrf-token-generator="security.csrf.token_manager" />
+                    <form-login csrf-provider="security.csrf.token_manager" />
                 </firewall>
             </config>
         </srv:container>
@@ -66,7 +66,7 @@ provider available in the Security component:
                     // ...
                     'form_login' => array(
                         // ...
-                        'csrf_token_generator' => 'security.csrf.token_manager',
+                        'csrf_provider' => 'security.csrf.token_manager',
                     ),
                 ),
             ),
@@ -122,7 +122,7 @@ After this, you have protected your login form against CSRF attacks.
 .. tip::
 
     You can change the name of the field by setting ``csrf_parameter`` and change
-    the token ID by setting  ``csrf_token_id`` in your configuration:
+    the token ID by setting  ``intention`` in your configuration:
 
     .. configuration-block::
 
@@ -138,7 +138,7 @@ After this, you have protected your login form against CSRF attacks.
                         form_login:
                             # ...
                             csrf_parameter: _csrf_security_token
-                            csrf_token_id: a_private_string
+                            intention: a_private_string
 
         .. code-block:: xml
 
@@ -156,7 +156,7 @@ After this, you have protected your login form against CSRF attacks.
                     <firewall name="secured_area">
                         <!-- ... -->
                         <form-login csrf-parameter="_csrf_security_token"
-                            csrf-token-id="a_private_string"
+                            intention="a_private_string"
                         />
                     </firewall>
                 </config>
@@ -174,7 +174,7 @@ After this, you have protected your login form against CSRF attacks.
                         'form_login' => array(
                             // ...
                             'csrf_parameter' => '_csrf_security_token',
-                            'csrf_token_id'     => 'a_private_string'
+                            'intention'      => 'a_private_string'
                         ),
                     ),
                 ),
diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
index 01d2b1e72c2..77b2f0531a6 100644
--- a/reference/configuration/security.rst
+++ b/reference/configuration/security.rst
@@ -162,8 +162,8 @@ Each part will be explained in the next section.
 
                         # csrf token options
                         csrf_parameter:       _csrf_token
-                        csrf_token_id:        authenticate
-                        csrf_token_generator: my.csrf_token_generator.id
+                        intention:            authenticate
+                        csrf_provider:        my.csrf_token_generator.id
 
                         # by default, the login form *must* be a POST, not a GET
                         post_only:      true

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/6207.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/6207.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/6207.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/6207.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>