Archived! Now that all modern browsers implement SameSite cookies and the Origin HTTP header, this bundle is - in most cases - not necessary anymore. Learn how to protect your Symfony APIs from CSRF attacks. If you need to maintain old applications, take a look to DneustadtCsrfCookieBundle. This API Platform and Symfony bundle provides automatic Cross Site Request Forgery (CSRF or XSRF) protection for client-side applications. Despite the name, it works with any client-side technology including Angular, React, Vue.js, and jQuery. Actually, any JavaScript code issuing XMLHttpRequest or using the Fetch API can leverage this bundle.

Features

  • To prevent CSRF attacks, the bundle will check that the header's value match the cookie's value
  • Use Composer to install this bundle
  • Configure URLs where the cookie must be set and that must be protected against CSRF attacks
  • Examples available
  • Integration with the Symfony Form Component
  • Full Configuration

Project Samples

JavaScript CSRF Protection Bundle Screenshot 1

Project Activity

See All Activity >

Categories

Security

License

MIT License

Follow JavaScript CSRF Protection Bundle

JavaScript CSRF Protection Bundle Web Site

Other Useful Business Software
Forever Free Full-Stack Observability | Grafana Cloud Icon
Forever Free Full-Stack Observability | Grafana Cloud

Our generous forever free tier includes the full platform, including the AI Assistant, for 3 users with 10k metrics, 50GB logs, and 50GB traces.

Built on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
Create free account
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of JavaScript CSRF Protection Bundle!

Additional Project Details

Programming Language

PHP

Related Categories

PHP Security Software

Registered

2023-10-04
Report inappropriate content