mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-07 16:48:43 +02:00
SecurityToken docs
This commit is contained in:
parent
daa0b3cb79
commit
9872a52a8d
@ -325,6 +325,10 @@ You can disable this behaviour through `[api:Form->disableSecurityToken()]`.
|
||||
It is also recommended to limit form submissions to the intended HTTP verb (mostly `GET` or `POST`)
|
||||
through `[api:Form->setStrictFormMethodCheck()]`.
|
||||
|
||||
Sometimes you need to handle state-changing HTTP submissions which aren't handled through
|
||||
SilverStripe's form system. In this case, you can also check the current HTTP request
|
||||
for a valid token through `[api:SecurityToken::checkRequest()]`.
|
||||
|
||||
## Casting user input
|
||||
|
||||
When working with `$_GET`, `$_POST` or `Director::urlParams` variables, and you know your variable has to be of a
|
||||
|
Loading…
Reference in New Issue
Block a user