diff options
Diffstat (limited to 'vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php')
-rw-r--r-- | vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php b/vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php deleted file mode 100644 index 7143b130..00000000 --- a/vendor/symfony/form/Symfony/Component/Form/Extension/Csrf/CsrfProvider/CsrfProviderInterface.php +++ /dev/null | |||
@@ -1,49 +0,0 @@ | |||
1 | <?php | ||
2 | |||
3 | /* | ||
4 | * This file is part of the Symfony package. | ||
5 | * | ||
6 | * (c) Fabien Potencier <fabien@symfony.com> | ||
7 | * | ||
8 | * For the full copyright and license information, please view the LICENSE | ||
9 | * file that was distributed with this source code. | ||
10 | */ | ||
11 | |||
12 | namespace Symfony\Component\Form\Extension\Csrf\CsrfProvider; | ||
13 | |||
14 | /** | ||
15 | * Marks classes able to provide CSRF protection | ||
16 | * | ||
17 | * You can generate a CSRF token by using the method generateCsrfToken(). To | ||
18 | * this method you should pass a value that is unique to the page that should | ||
19 | * be secured against CSRF attacks. This value doesn't necessarily have to be | ||
20 | * secret. Implementations of this interface are responsible for adding more | ||
21 | * secret information. | ||
22 | * | ||
23 | * If you want to secure a form submission against CSRF attacks, you could | ||
24 | * supply an "intention" string. This way you make sure that the form can only | ||
25 | * be submitted to pages that are designed to handle the form, that is, that use | ||
26 | * the same intention string to validate the CSRF token with isCsrfTokenValid(). | ||
27 | * | ||
28 | * @author Bernhard Schussek <bschussek@gmail.com> | ||
29 | */ | ||
30 | interface CsrfProviderInterface | ||
31 | { | ||
32 | /** | ||
33 | * Generates a CSRF token for a page of your application. | ||
34 | * | ||
35 | * @param string $intention Some value that identifies the action intention | ||
36 | * (i.e. "authenticate"). Doesn't have to be a secret value. | ||
37 | */ | ||
38 | public function generateCsrfToken($intention); | ||
39 | |||
40 | /** | ||
41 | * Validates a CSRF token. | ||
42 | * | ||
43 | * @param string $intention The intention used when generating the CSRF token | ||
44 | * @param string $token The token supplied by the browser | ||
45 | * | ||
46 | * @return Boolean Whether the token supplied by the browser is correct | ||
47 | */ | ||
48 | public function isCsrfTokenValid($intention, $token); | ||
49 | } | ||