Archived! Now that all modern browsers implement SameSite cookies and the Origin HTTP header, this bundle is - in most cases - not necessary anymore. Learn how to protect your Symfony APIs from CSRF attacks. If you need to maintain old applications, take a look to DneustadtCsrfCookieBundle. This API Platform and Symfony bundle provides automatic Cross Site Request Forgery (CSRF or XSRF) protection for client-side applications. Despite the name, it works with any client-side technology including Angular, React, Vue.js, and jQuery. Actually, any JavaScript code issuing XMLHttpRequest or using the Fetch API can leverage this bundle.

Features

  • To prevent CSRF attacks, the bundle will check that the header's value match the cookie's value
  • Use Composer to install this bundle
  • Configure URLs where the cookie must be set and that must be protected against CSRF attacks
  • Examples available
  • Integration with the Symfony Form Component
  • Full Configuration

Project Samples

JavaScript CSRF Protection Bundle Screenshot 1

Project Activity

See All Activity >

Categories

Security

License

MIT License

Follow JavaScript CSRF Protection Bundle

JavaScript CSRF Protection Bundle Web Site

Other Useful Business Software
MongoDB Atlas runs apps anywhere Icon
MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
Start Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of JavaScript CSRF Protection Bundle!

Additional Project Details

Programming Language

PHP

Related Categories

PHP Security Software

Registered

2023-10-04
Report inappropriate content