VerifyCsrfToken
class VerifyCsrfToken (View source)
Traits
Properties
| protected Application | $app | The application instance. |
|
| protected Encrypter | $encrypter | The encrypter implementation. |
|
| protected array<int,string> | $except | The URIs that should be excluded from CSRF verification. |
|
| static protected array | $neverVerify | The globally ignored URIs that should be excluded from CSRF verification. |
|
| protected bool | $addHttpCookie | Indicates whether the XSRF-TOKEN cookie should be set on the response. |
Methods
Get the number of seconds until the given DateTime.
If the given value is an interval, convert it to a DateTime instance.
Given a start time, format the total run time for human readability.
Determine if the application is running unit tests.
Determine if the request has a URI that should pass through CSRF verification.
Determine if the cookie should be added to the response.
Add the CSRF token to the response cookies.
Indicate that the given URIs should be excluded from CSRF verification.
Determine if the cookie contents should be serialized.
Details
protected int
secondsUntil(DateTimeInterface|DateInterval|int $delay)
Get the number of seconds until the given DateTime.
protected int
availableAt(DateTimeInterface|DateInterval|int $delay = 0)
Get the "available at" UNIX timestamp.
protected DateTimeInterface|int
parseDateInterval(DateTimeInterface|DateInterval|int $delay)
If the given value is an interval, convert it to a DateTime instance.
protected int
currentTime()
Get the current system time as a UNIX timestamp.
protected string
runTimeForHumans(float $startTime, float $endTime = null)
Given a start time, format the total run time for human readability.
void
__construct(Application $app, Encrypter $encrypter)
Create a new middleware instance.
protected bool
isReading(Request $request)
Determine if the HTTP request uses a ‘read’ verb.
protected bool
runningUnitTests()
Determine if the application is running unit tests.
protected bool
inExceptArray(Request $request)
Determine if the request has a URI that should pass through CSRF verification.
protected bool
tokensMatch(Request $request)
Determine if the session and input CSRF tokens match.
protected string|null
getTokenFromRequest(Request $request)
Get the CSRF token from the request.
bool
shouldAddXsrfTokenCookie()
Determine if the cookie should be added to the response.
protected Response
addCookieToResponse(Request $request, Response $response)
Add the CSRF token to the response cookies.
protected Cookie
newCookie(Request $request, array $config)
Create a new "XSRF-TOKEN" cookie that contains the CSRF token.
static void
except(array|string $paths)
Indicate that the given URIs should be excluded from CSRF verification.
static bool
serialized()
Determine if the cookie contents should be serialized.