How to disable csrf in symfony?

I used the code below and it has csrf too. But how can I disable its csrf? I searched and Disable CSRF token on login form did not help, as there createFormBuilder() is not used in my case below, so what should I do?

$csrfStorage = new NativeSessionTokenStorage();
$csrfGenerator = new UriSafeTokenGenerator();
$csrfManager = new CsrfTokenManager($csrfGenerator, $csrfStorage);

$formFactory = Forms::createFormFactoryBuilder()
    ->addExtension(new CsrfExtension($csrfManager))
    ->getFormFactory();


$defaultFormTheme = 'bootstrap_3_layout.html.twig';

$vendorDir = realpath(__DIR__.'/../vendor');
$appVariableReflection = new ReflectionClass('SymfonyBridgeTwigAppVariable');
$vendorTwigBridgeDir = dirname($appVariableReflection->getFileName());
$viewsDir = realpath('twig');

$twig = new Twig_Environment(new Twig_Loader_Filesystem(array(
    $viewsDir,
    $vendorTwigBridgeDir.'/Resources/views/Form',
)));
$formEngine = new TwigRendererEngine(array($defaultFormTheme), $twig);
$twig->addRuntimeLoader(new Twig_FactoryRuntimeLoader(array(
    TwigRenderer::class => function () use ($formEngine, $csrfManager) {
        return new TwigRenderer($formEngine, $csrfManager);
    },
)));
$twig->addExtension(new FormExtension());

$translator = new Translator('en');
$twig->addExtension(new TranslationExtension($translator));
$form = $formFactory->createBuilder()
    ->add('task', TextType::class)
    ->add('dueDate', DateType::class)
    ->getForm();

$request = Request::createFromGlobals();
$form->handleRequest();
if ($form->isSubmitted() && $form->isValid()) {
    $data = $form->getData();
    print_r($data);
}

$twig->display('new.html.twig', array(
    'form' => $form->createView(),
));

JavaScript
​x
 
$csrfStorage = new NativeSessionTokenStorage();$csrfGenerator = new UriSafeTokenGenerator();$csrfManager = new CsrfTokenManager($csrfGenerator, $csrfStorage);​$formFactory = Forms::createFormFactoryBuilder()    ->addExtension(new CsrfExtension($csrfManager))    ->getFormFactory();​​$defaultFormTheme = 'bootstrap_3_layout.html.twig';​$vendorDir = realpath(__DIR__.'/../vendor');$appVariableReflection = new ReflectionClass('SymfonyBridgeTwigAppVariable');$vendorTwigBridgeDir = dirname($appVariableReflection->getFileName());$viewsDir = realpath('twig');​$twig = new Twig_Environment(new Twig_Loader_Filesystem(array(    $viewsDir,    $vendorTwigBridgeDir.'/Resources/views/Form',)));$formEngine = new TwigRendererEngine(array($defaultFormTheme), $twig);$twig->addRuntimeLoader(new Twig_FactoryRuntimeLoader(array(    TwigRenderer::class => function () use ($formEngine, $csrfManager) {        return new TwigRenderer($formEngine, $csrfManager);    },)));$twig->addExtension(new FormExtension());​$translator = new Translator('en');$twig->addExtension(new TranslationExtension($translator));$form = $formFactory->createBuilder()    ->add('task', TextType::class)    ->add('dueDate', DateType::class)    ->getForm();​$request = Request::createFromGlobals();$form->handleRequest();if ($form->isSubmitted() && $form->isValid()) {    $data = $form->getData();    print_r($data);}​$twig->display('new.html.twig', array(    'form' => $form->createView(),));​

Answer

$form = $formFactory->createBuilder('SymfonyComponentFormExtensionCoreTypeFormType', null,  array('csrf_protection' => false))

JavaScript
 
$form = $formFactory->createBuilder('SymfonyComponentFormExtensionCoreTypeFormType', null,  array('csrf_protection' => false))​

Advertisement

Answer