class CsrfTokenViewHelper extends AbstractViewHelper (View source)

ViewHelper that outputs a CSRF token which is required for "unsafe" requests (e.g. POST, PUT, DELETE, ...).

Note: You won't need this ViewHelper if you use the Form ViewHelper, because that creates a hidden field with the CSRF token for unsafe requests automatically. This ViewHelper is mainly useful in conjunction with AJAX.

= Examples =

...

Now, the CSRF token can be extracted via JavaScript to be appended to requests, for example with jQuery:
<code title="fetch CSRF token with jQuery">
jQuery (exemplary):
$.ajax({
  url: '<someEndpoint>',
  type: 'POST',
  data: {
    __csrfToken: $('#someDiv').attr('data-csrf-token')
  }
});

Properties

protected RenderingContextInterface $renderingContext from  AbstractViewHelper
protected ControllerContext $controllerContext

Controller Context to use

from  AbstractViewHelper
protected ObjectManagerInterface $objectManager from  AbstractViewHelper
protected LoggerInterface $logger from  AbstractViewHelper
protected Context $securityContext

Methods

void
setRenderingContext(RenderingContextInterface $renderingContext)

No description

void
injectObjectManager(ObjectManagerInterface $objectManager)

No description

void
injectLogger(LoggerInterface $logger)

Injects the (system) logger based on PSR-3.

string
render()

No description

string
compile(string $argumentsName, string $closureName, string $initializationPhpCode, ViewHelperNode $node, TemplateCompiler $compiler)

Compile to direct call in the template.

Details

void setRenderingContext(RenderingContextInterface $renderingContext)

No description

Parameters

RenderingContextInterface $renderingContext

Return Value

void

void injectObjectManager(ObjectManagerInterface $objectManager)

No description

Parameters

ObjectManagerInterface $objectManager

Return Value

void

void injectLogger(LoggerInterface $logger)

Injects the (system) logger based on PSR-3.

Parameters

LoggerInterface $logger

Return Value

void

bool isEscapingInterceptorEnabled()

No description

Return Value

bool

string render()

No description

Return Value

string

string compile(string $argumentsName, string $closureName, string $initializationPhpCode, ViewHelperNode $node, TemplateCompiler $compiler)

Compile to direct call in the template.

Parameters

string $argumentsName
string $closureName
string $initializationPhpCode
ViewHelperNode $node
TemplateCompiler $compiler

Return Value

string