Symfony-check

Check if your symfony application is ready for deployment

Form protection
  • security

Useless for sf1.3/1.4 project

symfony has the ability to protect each form of your project against CSRF attacks.

To enable this feature, you have to prompt a csrf key in apps/frontend/config/settings.yml :

all:
  .settings:
    csrf_secret:       chooseYouOwnSecretKey

This solution inject in each form a token unique for a given user and for a given form. Be carefull, forms that use the csrf protection can no longer be cached.

Read the related symfony documentation