Download
Archived! Now that all modern browsers implement SameSite cookies and the Origin HTTP header, this bundle is - in most cases - not necessary anymore. Learn how to protect your Symfony APIs from CSRF attacks. If you need to maintain old applications, take a look to DneustadtCsrfCookieBundle. This API Platform and Symfony bundle provides automatic Cross Site Request Forgery (CSRF or XSRF) protection for client-side applications. Despite the name, it works with any client-side technology including Angular, React, Vue.js, and jQuery. Actually, any JavaScript code issuing XMLHttpRequest or using the Fetch API can leverage this bundle.
Features
- To prevent CSRF attacks, the bundle will check that the header's value match the cookie's value
- Use Composer to install this bundle
- Configure URLs where the cookie must be set and that must be protected against CSRF attacks
- Examples available
- Integration with the Symfony Form Component
- Full Configuration
Project Samples
Categories
SecurityLicense
MIT LicenseFollow JavaScript CSRF Protection Bundle
Other Useful Business Software
$300 Free Credits to Build on Google Cloud
Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of JavaScript CSRF Protection Bundle!
