Skip to content

Documented CSRF protection in login forms #3327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Dec 26, 2013
Merged

Documented CSRF protection in login forms #3327

merged 7 commits into from
Dec 26, 2013

Conversation

wouterj
Copy link
Member

@wouterj wouterj commented Dec 14, 2013

Q A
Doc fix? no
New docs? yes
Applies to all
Fixed tickets #3059

cordoval
cordoval reviewed Dec 14, 2013
View reviewed changes
cookbook/security/csrf_in_login_form.rst

When using a login form, you should make sure that you are protected for CSRF
(`Cross-site request forgery`_). The Security component already has build-in support
form CSRF. In this article, you'll learn how you can use it in your login form.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for instead of form

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove comma after article i think

@wouterj
Copy link
Member Author

wouterj commented Dec 15, 2013

thank you guys, fixed them all!

I don't have any clue why @zczapran's commits are included in this PR, everything is completely up to date...

@ggam
Copy link

ggam commented Dec 15, 2013

Did you add the new article to the cookbook list?

@xabbuh
Copy link
Member

xabbuh commented Dec 15, 2013

@wouterj did you branch off the 2.2 branch or did you rebase on it?

@xabbuh
Copy link
Member

xabbuh commented Dec 15, 2013

@ggam is right. You need to add the article to /cookbook/map.rst and /cookbook/security/index.rst.

@wouterj
Copy link
Member Author

wouterj commented Dec 15, 2013

@xabbuh I rebased it on origin/2.3

@xabbuh
Copy link
Member

xabbuh commented Dec 15, 2013

weird

weaverryan added a commit that referenced this pull request Dec 26, 2013
@weaverryan
Merge pull request #3327 from WouterJ/issue_3059
c03f7e9 
Documented CSRF protection in login forms
@weaverryan weaverryan merged commit c03f7e9 into symfony:2.3 Dec 26, 2013
weaverryan added a commit that referenced this pull request Dec 26, 2013
@weaverryan
[#3327] Minor tweaks to Login form CSRF entry
d29521d
@weaverryan
Copy link
Member

Thanks Wouter! Very nice job with this - complete, but straight to the point :).

Cheers!

@wouterj wouterj deleted the issue_3059 branch December 26, 2013 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@wouterj @ggam @xabbuh @weaverryan @cordoval @zczapran