Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSRF tokens.

Related tags

Security php security symfony component csrf symfony-component
Overview

Security Component - CSRF

The Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSRF tokens.

Sponsor

The Security component for Symfony 5.4/6.0 is backed by SymfonyCasts.

Learn Symfony faster by watching real projects being built and actively coding along with them. SymfonyCasts bridges that learning gap, bringing you video tutorials and coding challenges. Code on!

Help Symfony by sponsoring its development!

Resources

You might also like...
A library for generating random numbers and strings

RandomLib A library for generating random numbers and strings of various strengths. This library is useful in security contexts. Install Via Composer

Anthony Ferrara 832 Nov 24, 2022
CORS (Cross-Origin Resource Sharing) middleware for Hyperf application.

CORS Middleware for Hyperf Implements fruitcake/laravel-cors for Hyperf. Features Handles CORS pre-flight OPTIONS requests Adds CORS headers to your r

Gang Wu 8 Sep 19, 2022
A Simple Cross Origin Resource Sharing for Lumen Framework (5.*).

Lumen Cors Package A Simple Cross Origin Resource Sharing for Lumen Framework. Note: That should works fine on Laravel Framework too, but the tests ar

Vagner Luz do Carmo 46 Jul 27, 2022
PHP CORS (Cross-origin resource sharing) middleware.

CORS PHP CORS (Cross-origin resource sharing) middleware. Support Array, Coding in Native PHP Using PSR-7 PSR-15 Support Symfony Support Laravel Suppo

Seven Du 269 Nov 9, 2022
Obfuscate your data by generating reversible, non-sequential, URL-safe identifiers.

Laravel Hashid Laravel Hashid provides a unified API across various drivers such as Base62, Base64, Hashids and Optimus, with support for multiple con

Elf Sundae 390 Nov 16, 2022
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application

PHPIDS PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web ap

null 752 Jan 3, 2023
Windows and macOS Hardening Interface to make security more accessible.

Welcome to the Hardening Interface Introduction To use HardeningKitty service more easily, we have created an interface which permits better understan

ataumo 24 Dec 5, 2022
A database of PHP security advisories

PHP Security Advisories Database The PHP Security Advisories Database references known security vulnerabilities in various PHP projects and libraries.

null 1.9k Dec 18, 2022
A php.ini scanner for best security practices

Scanner for PHP.ini The Iniscan is a tool designed to scan the given php.ini file for common security practices and report back results. Currently it

psec.io 1.5k Dec 5, 2022
Comments
  • Fix division by zero

    Fix division by zero

    Given: CSRF token abc.def.ghi was returned When: I change the value of this token in my browser to abc..ghi Then: the key becomes '' and the xor that is called in denormalize results in a division by zero and http 500

    opened by tvlooy 1
Releases(v6.2.0)
Owner
Symfony
Symfony
GitHub https://symfony.com/components/Security
XSS, CSRF, SQLi, RFI attacks/defences in eClass site.

Open eClass 2.3 Disclaimer This repository contained a vulnerable version of eclass (check very first commit for initial version, if you want to exper

Vissarion Moutafis 10 Feb 14, 2022
㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP

㊙️ AntiXSS "Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inje

Lars Moelleken 570 Dec 16, 2022
Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campbell/security-core

Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb

Graham Campbell 170 Nov 20, 2022
A multitool library offering access to recommended security related libraries, standardised implementations of security defences, and secure implementations of commonly performed tasks.

SecurityMultiTool A multitool library offering access to recommended security related libraries, standardised implementations of security defences, an

Pádraic Brady 131 Oct 30, 2022
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

About SecLists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected i

Daniel Miessler 44.1k Jan 7, 2023
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code.

Floe design + technologies 654 Dec 28, 2022
Php Security Class

Security Advanced Security Class for Php Features Secure From XSS, CSRF, SQL Injection, BASE64, RFI, LFI, Command Injection, Block Suspicious Request

Ömer Faruk Demirel 5 Dec 2, 2022
Security Component - Guard

The Guard component brings many layers of authentication together, making it much easier to create complex authentication systems where you have total control.

Symfony 1.4k Jan 5, 2023
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

Security Component - Core Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the

Symfony 1.6k Jan 1, 2023
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials.

Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

Symfony 1.5k Dec 28, 2022