LordSimal
commented
3 months ago this should be done on the 4.x branch, not 4.next 4.next is for CakePHP 4.6
Closed vincentTSSB closed 3 months ago
LordSimal
commented
3 months ago this should be done on the 4.x branch, not 4.next 4.next is for CakePHP 4.6
vincentTSSB
commented
3 months ago this should be done on the 4.x branch, not 4.next 4.next is for CakePHP 4.6 4.next is for CakePHP 4.6
Noted. Created new PR #7909 to replace this.
On my app, tried to use
SessionCsrfProtectionMiddleware::replaceToken()method as per CSRF Protection docs: https://book.cakephp.org/4/en/security/csrf.html#session-based-csrf-middleware-options But the method is not available even though my version is higher than 4.3.0 (my app version is 4.4.5).In version 4.3.0, there is no
replaceToken()method: https://github.com/cakephp/cakephp/blob/4.3.0/src/Http/Middleware/SessionCsrfProtectionMiddleware.phpThe method was actually added since version 4.5.0: https://github.com/cakephp/cakephp/blob/4.5.0/src/Http/Middleware/SessionCsrfProtectionMiddleware.php