stackoom
  简体   繁体   中英

How to use Symfony CSRF Tokens with React JS

 原文  2020-04-30 20:25:57       reactjs/ symfony/ csrf/ csrf-token

Question

I'm doing a SPA with Symfony and React JS, and my ask is how can I use the Symfony CSRF Token generator with react to avoid CSRF Attacks?

1 answers

solution1
 0  2020-04-30 22:05:09

If you develop an SPA, then you're also building an API on Symfony side. (that's usually what people do)

Since CSRF issue is only related to forms and not APIs (because they usually are stateless), then you just do not manage CSRF issue. If we usually do not have this problem, keep in mind that you still need to deal with it if you use cookies/sessions . If you do so, then I recommand you to read the documentation of the csrf component of Symfony .

More insights here: https://security.stackexchange.com/questions/166724/should-i-use-csrf-protection-on-rest-api-endpoints

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how to use Access-Tokens for CRUD REACT JS react.js / axios - How to store csrf token in cookies Setup React/DRF without using CORS or CSRF tokens How to use csrf_token in Django RESTful API and React? How to securely store JWT tokens in react/next.js application? How to refresh JWT tokens in React.js Application? React/CSRF: Passing Back CSRF tokens without using forms and hidden input values How do you implement CSRF tokens in django rest framework? Is it possible to use the Symfony form component with React.js? How to successfully serve the react app through express js server and csrf token
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM