lithium\template\helper\Security::requestToken()
Generates a request key used to protect your forms against CSRF attacks. See the
RequestToken
class for examples and proper usage.
Parameters
-
array
$options
Options used as HTML when generating the field.
Returns
stringReturns a hidden <input />
field containing a request-specific CSRF token
key.
Source
public function requestToken(array $options = []) {
$defaults = ['name' => 'security.token', 'id' => false];
$options += $defaults;
$requestToken = $this->_classes['requestToken'];
$flags = array_intersect_key($this->_config, ['sessionKey' => '', 'salt' => '']);
$value = $requestToken::key($flags);
$name = $options['name'];
unset($options['name']);
return $this->_context->form->hidden($name, compact('value') + $options);
}