CsrfProtection
Interfaces, Classes, Traits and Enums
- CsrfToken
- Represents a token used to determine the validity of a request.
- CsrfProtectionRequestHandler
- Refuses to process an invalid request
- CsrfRequestCheckMiddleware
- Takes care of request validation logic for CSRF attack mitigation
- CsrfResponseFilterMiddleware
- Adds support for CSRF attack mitigation by attaching identifiers to the valid response.
- AbstractSession
- A testable session abstraction.
- AbstractTokenStorage
- Used to store and validate tokens used to mitigate CSRF attacks
- SessionTokenStorage
- Uses the session to store the CSRF token
- SessionWrapper
- Allows for testable session handling.
Table of Contents
- REQUEST_ID_KEY = "CSRF-PROTECTION-TOKEN"
- TOKEN_DEFAULT_TTL = 1800
- TOKEN_MAX = 10
Constants
REQUEST_ID_KEY
public mixed REQUEST_ID_KEY = "CSRF-PROTECTION-TOKEN"
TOKEN_DEFAULT_TTL
public mixed TOKEN_DEFAULT_TTL = 1800
TOKEN_MAX
public mixed TOKEN_MAX = 10