Drupal 8  8.0.2
CsrfAccessCheck Class Reference
Inheritance diagram for CsrfAccessCheck:

Public Member Functions

 __construct (CsrfTokenGenerator $csrf_token)
 access (Route $route, Request $request, RouteMatchInterface $route_match)

Protected Attributes


Detailed Description

Allows access to routes to be controlled by a '_csrf_token' parameter.

To use this check, add a "token" GET parameter to URLs of which the value is a token generated by ::csrfToken()->get() using the same value as the "_csrf_token" parameter in the route.

Constructor & Destructor Documentation

__construct ( CsrfTokenGenerator  $csrf_token)

Constructs a CsrfAccessCheck object.

\Drupal\Core\Access\CsrfTokenGenerator$csrf_tokenThe CSRF token generator.

References Drupal\csrfToken().

Here is the call graph for this function:

Member Function Documentation

access ( Route  $route,
Request  $request,
RouteMatchInterface  $route_match 

Checks access based on a CSRF token for the request.

\Symfony\Component\Routing\Route$routeThe route to check against.
\Symfony\Component\HttpFoundation\Request$requestThe request object.
\Drupal\Core\Routing\RouteMatchInterface$route_matchThe route match object.
The access result.

References AccessResult\allowed(), Drupal\csrfToken(), AccessResult\forbidden(), and RouteMatchInterface\getRawParameters().

Here is the call graph for this function:

The documentation for this class was generated from the following file: