Slim 4 CSRF Protection?

brainstorm · September 6, 2019, 7:44am

Hello, How works CSRF protection in Slim v4?

odan · September 6, 2019, 9:19am

Take a look a the “official” Slim-CSRF package. Unfortunately it doesn’t support Slim 4 yet: https://github.com/slimphp/Slim-Csrf/pull/104

You could also take a look at my Slim 4 CSRF package: https://github.com/odan/csrf

Update: Maybe you don’t need CSRF protection anymore: https://scotthelme.co.uk/csrf-is-really-dead/

abhie · April 19, 2020, 1:03pm

Solution: use it without Middleware

Instead of using a separate middleware for CSRF Attack Protection, we should use it directly in our bootstrapper file like this

Now you can use these csrf fields in you template files like this

Ps: update this block as per your requirements or you can move these all to different file as well

Adding Twig v3 Globals for csrf fields will give you this error in Slim 4
Unable to add global “csrf” as the runtime or the extensions have already been initialized.
To fix these I implemented this answer.

Thanks & Regards
shindea890@gmail.com

Topic		Replies	Views
Slim CSRF value empty- [SOLVED]	5	1710	November 18, 2018
Implement Slim / csrf with twig	4	1841	November 12, 2019
[Solved]: Trouble upgrading to slim/csrf 0.8	1	1124	May 15, 2018
Slim 4 twig globals	10	4880	April 13, 2020
CSRF values are empty	2	737	June 5, 2020

Slim 4 CSRF Protection?

Related Topics