[FLOW3-general] Remove csrfToken from URL
Bastian Waidelich
bastian at typo3.org
Fri Feb 8 10:48:35 CET 2013
Rudy Gnodde wrote:
Hi Rudy,
> I'm working on my first Flow application. I do have experience with
> Extbase, so most things are at least familiar.
>[...]
> So, my question is: Is there a way to remove the __csrfToken parameter
> from the URL (without breaking authentication)?
Simply add the SkipCsrfProtection annotation [1] to the respective actions:
use TYPO3\Flow\Annotations as Flow;
class YourController {
/**
* @return void
* @Flow\SkipCsrfProtection
*/
public function yourAction() {
}
}
HTH
[1]
http://docs.typo3.org/flow/TYPO3FlowDocumentation/TheDefinitiveGuide/PartV/AnnotationReference.html#skipcsrfprotection
--
Bastian Waidelich
--
Core Developer Team
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the FLOW3-general
mailing list