Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Confusing error when CSRF protection is not enabled #37452

New issue
New issue
Closed
Closed
Confusing error when CSRF protection is not enabled#37452
Labels
SecurityTwigBridge
@javiereguiluz

Description

@javiereguiluz
javiereguiluz
opened on Jun 30, 2020

Description
If your application doesn't have CSRF protection enabled, you'll see this error message when using forms that use CSRF:

symfony/src/Symfony/Component/Form/FormRenderer.php

Line 62 in 1b5430b

throw new BadMethodCallException('CSRF tokens can only be generated if a CsrfTokenManagerInterface is injected in FormRenderer::__construct().');

This error message may be technically precise ... but it's not very useful because it doesn't explain how to solve the problem. The real solution is that you must set the framework.csrf_protection config option to true or null. So, should we update this error message? Or does this error happen in several different circumstances and we can't update it? Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    SecurityTwigBridge

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions