Closed Hricer closed 2 months ago
@stollr I will be happy if you check this behavior.
@Hricer Where do you set the option 'csrf_protection' => false
?
@stollr during form creation
$form = $this->createForm(MyApiForm::class, $task, [
'csrf_protection' => false,
]);
framework.yaml
framework:
csrf_protection: true
I got it. Of course I have to set 'csrf_protection' => false
in setDefaults.
class MyApiForm extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options): void
{
...
}
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([
'csrf_protection' => false,
]);
}
}
@stollr Thanks :)
Version
4.26.2
Description
After updating the library, the csrf token is always in the schema even though the form has option
'csrf_protection' => false
.Only global disable csrf_protection in framework config works.
Additional context
No response