[Documentation] A word about _check_csrf?
Gregwar opened this issue · comments
There is no mention of the _check_csrf
attribute that need to be added to a route defaults (see https://github.com/KnpLabs/KnpRadBundle/blob/develop/EventListener/CsrfListener.php#L22)
Nothing here:
http://rad.knplabs.com/#unsafe-methods
And nothing here:
https://github.com/KnpLabs/KnpRadBundle/wiki/csrf-protected-links
Though, it looks important to ensure that the token will be checked
yes, that's a missing part of the doc that is very important :/
We're working on some feature files describing very realistically the behavior:
Since a code snippets worth 100 words, here they are :)
It doesn't mean we should'nt update the docs.
By the way, if you have time to upgrade them and provide a PR, it would be awseome :)
Thanks for opening the issue!
#129 should be able to addthe csrf attribute in appropriate requests.