diff options
| author | Nicolas LÅ“uillet <nicolas.loeuillet@gmail.com> | 2013-08-04 17:50:34 +0200 |
|---|---|---|
| committer | Nicolas LÅ“uillet <nicolas.loeuillet@gmail.com> | 2013-08-04 17:50:34 +0200 |
| commit | 46b77928f746a4231d064774b5b67fd892c7ce86 (patch) | |
| tree | e3ea690b3f0def1744ddae758923cf92171ef985 /vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php | |
| parent | 68abd9c71b1d2f7bb2e9d21819584d1d15005b25 (diff) | |
| download | wallabag-46b77928f746a4231d064774b5b67fd892c7ce86.tar.gz wallabag-46b77928f746a4231d064774b5b67fd892c7ce86.tar.zst wallabag-46b77928f746a4231d064774b5b67fd892c7ce86.zip | |
rm vendor
Diffstat (limited to 'vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php')
| -rw-r--r-- | vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php b/vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php deleted file mode 100644 index 7143b130..00000000 --- a/vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php +++ /dev/null | |||
| @@ -1,49 +0,0 @@ | |||
| 1 | <?php | ||
| 2 | |||
| 3 | /* | ||
| 4 | * This file is part of the Symfony package. | ||
| 5 | * | ||
| 6 | * (c) Fabien Potencier <fabien@symfony.com> | ||
| 7 | * | ||
| 8 | * For the full copyright and license information, please view the LICENSE | ||
| 9 | * file that was distributed with this source code. | ||
| 10 | */ | ||
| 11 | |||
| 12 | namespace Symfony\Component\Form\Extension\Csrf\CsrfProvider; | ||
| 13 | |||
| 14 | /** | ||
| 15 | * Marks classes able to provide CSRF protection | ||
| 16 | * | ||
| 17 | * You can generate a CSRF token by using the method generateCsrfToken(). To | ||
| 18 | * this method you should pass a value that is unique to the page that should | ||
| 19 | * be secured against CSRF attacks. This value doesn't necessarily have to be | ||
| 20 | * secret. Implementations of this interface are responsible for adding more | ||
| 21 | * secret information. | ||
| 22 | * | ||
| 23 | * If you want to secure a form submission against CSRF attacks, you could | ||
| 24 | * supply an "intention" string. This way you make sure that the form can only | ||
| 25 | * be submitted to pages that are designed to handle the form, that is, that use | ||
| 26 | * the same intention string to validate the CSRF token with isCsrfTokenValid(). | ||
| 27 | * | ||
| 28 | * @author Bernhard Schussek <bschussek@gmail.com> | ||
| 29 | */ | ||
| 30 | interface CsrfProviderInterface | ||
| 31 | { | ||
| 32 | /** | ||
| 33 | * Generates a CSRF token for a page of your application. | ||
| 34 | * | ||
| 35 | * @param string $intention Some value that identifies the action intention | ||
| 36 | * (i.e. "authenticate"). Doesn't have to be a secret value. | ||
| 37 | */ | ||
| 38 | public function generateCsrfToken($intention); | ||
| 39 | |||
| 40 | /** | ||
| 41 | * Validates a CSRF token. | ||
| 42 | * | ||
| 43 | * @param string $intention The intention used when generating the CSRF token | ||
| 44 | * @param string $token The token supplied by the browser | ||
| 45 | * | ||
| 46 | * @return Boolean Whether the token supplied by the browser is correct | ||
| 47 | */ | ||
| 48 | public function isCsrfTokenValid($intention, $token); | ||
| 49 | } | ||