From 673c1dd2469f31596ba8932b36ec2251a6d07096 Mon Sep 17 00:00:00 2001 From: Henry Snoek Date: Sat, 21 May 2016 13:39:59 +0200 Subject: [PATCH 1/2] 6338 use csrfManager instead of csrfProvider --- components/form/introduction.rst | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/components/form/introduction.rst b/components/form/introduction.rst index 8ecfae5b692..cff5b8794d6 100644 --- a/components/form/introduction.rst +++ b/components/form/introduction.rst @@ -179,10 +179,14 @@ that help you render the HTML widget, label and error for each field (as well as a few other things). To configure the integration, you'll need to bootstrap or access Twig and add the :class:`Symfony\\Bridge\\Twig\\Extension\\FormExtension`:: - use Symfony\Component\Form\Forms; use Symfony\Bridge\Twig\Extension\FormExtension; use Symfony\Bridge\Twig\Form\TwigRenderer; use Symfony\Bridge\Twig\Form\TwigRendererEngine; + use Symfony\Component\Form\Forms; + use Symfony\Component\HttpFoundation\Session\Session; + use Symfony\Component\Security\Csrf\CsrfTokenManager; + use Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage; + use Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator; // the Twig file that holds all the default markup for rendering forms // this file comes with TwigBridge @@ -202,9 +206,17 @@ to bootstrap or access Twig and add the :class:`Symfony\\Bridge\\Twig\\Extension ))); $formEngine = new TwigRendererEngine(array($defaultFormTheme)); $formEngine->setEnvironment($twig); + + // create a Session object from the HttpFoundation component + $session = new Session(); + + $csrfGenerator = new UriSafeTokenGenerator(); + $csrfStorage = new SessionTokenStorage($session); + $csrfManager = new CsrfTokenManager($csrfGenerator, $csrfStorage); + // add the FormExtension to Twig $twig->addExtension( - new FormExtension(new TwigRenderer($formEngine, $csrfProvider)) + new FormExtension(new TwigRenderer($formEngine, $csrfManager)) ); // create your form factory as normal From d4ec824697413c86649bcfe1fb35302a978e022a Mon Sep 17 00:00:00 2001 From: Henry Snoek Date: Sat, 21 May 2016 13:56:36 +0200 Subject: [PATCH 2/2] 6338 refer to previous code example for $csrfManager definition --- components/form/introduction.rst | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/components/form/introduction.rst b/components/form/introduction.rst index cff5b8794d6..93f833435b5 100644 --- a/components/form/introduction.rst +++ b/components/form/introduction.rst @@ -179,14 +179,10 @@ that help you render the HTML widget, label and error for each field (as well as a few other things). To configure the integration, you'll need to bootstrap or access Twig and add the :class:`Symfony\\Bridge\\Twig\\Extension\\FormExtension`:: + use Symfony\Component\Form\Forms; use Symfony\Bridge\Twig\Extension\FormExtension; use Symfony\Bridge\Twig\Form\TwigRenderer; use Symfony\Bridge\Twig\Form\TwigRendererEngine; - use Symfony\Component\Form\Forms; - use Symfony\Component\HttpFoundation\Session\Session; - use Symfony\Component\Security\Csrf\CsrfTokenManager; - use Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage; - use Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator; // the Twig file that holds all the default markup for rendering forms // this file comes with TwigBridge @@ -207,12 +203,7 @@ to bootstrap or access Twig and add the :class:`Symfony\\Bridge\\Twig\\Extension $formEngine = new TwigRendererEngine(array($defaultFormTheme)); $formEngine->setEnvironment($twig); - // create a Session object from the HttpFoundation component - $session = new Session(); - - $csrfGenerator = new UriSafeTokenGenerator(); - $csrfStorage = new SessionTokenStorage($session); - $csrfManager = new CsrfTokenManager($csrfGenerator, $csrfStorage); + // ... (see the previous CSRF Protection section for more information) // add the FormExtension to Twig $twig->addExtension(