简体繁体中英

Symfony lifetime CSRF token

原文 2018-07-17 09:17:54 8 1 php/ symfony/ security/ csrf

How can I get a lifetime (expires) of CSRF token in Symfony 3? I want to set the meta tag "refresh" on my login page in order to avoid errors with csrf token expired.

1 answers

Following is a better solution than changing the CSRF token lifetime .

However, the point behind CSRF tokens is that they change frequently so that nobody can try to steal one of those tokens and then use it to make a forged request. Here's the workflow I always used in my application. So, PHP Frameworks Doesn't matter logic remains the same I have done this process in Laravel, CodeIgniter, Symfony etc.

Request a CSRF token.
Use the token to make requests.
If the request fails because the token has expired, go to step 1.

Symfony 5: CSRF token is invalid

Get CSRF token in Listner symfony

Invalid CSRF token Symfony 5.4

Symfony2 links with CSRF token

Symfony 2. CSRF token is invalid

Symfony2 - Empty CSRF token

JQuery's $.post with CSRF token in Symfony2

Symfony isValid False CSRF token is invalid

Symfony 3.0.1 CSRF token present but invalid

CSRF token is always invalid on localhost - Symfony 4 forms

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Symfony 5: CSRF token is invalid Get CSRF token in Listner symfony Invalid CSRF token Symfony 5.4 Symfony2 links with CSRF token Symfony 2. CSRF token is invalid Symfony2 - Empty CSRF token JQuery's $.post with CSRF token in Symfony2 Symfony isValid False CSRF token is invalid Symfony 3.0.1 CSRF token present but invalid CSRF token is always invalid on localhost - Symfony 4 forms

Related Tags

Symfony lifetime CSRF token

Question

1 answers

solution1 2 ACCPTED 2018-07-17 10:22:36

solution1
2 ACCPTED 2018-07-17 10:22:36