csrf error solve. try 1

2026-01-10 00:39:33 +01:00
parent ac4c5ef261
commit 47091cd4e3
3 changed files with 18 additions and 10 deletions
--- a/config/packages/csrf.yaml
+++ b/config/packages/csrf.yaml
@@ -1,11 +1,10 @@
 # Enable stateless CSRF protection for forms and logins/logouts
 framework:
-    form:
-        csrf_protection:
-            token_id: submit
-
-    csrf_protection:
-        stateless_token_ids:
-            - submit
-            - authenticate
-            - logout
+#    form:
+#        csrf_protection:
+#            token_id: submit
+#    csrf_protection:
+#        stateless_token_ids:
+#            - submit
+#            - authenticate
+#            - logout
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -15,6 +15,15 @@ framework:
        storage_factory_id: session.storage.factory.native
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'

+when@prod:
+    framework:
+        session:
+            handler_id: null
+            cookie_secure: true
+            cookie_samesite: lax
+            storage_factory_id: session.storage.factory.native
+            save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
+
    #esi: true
    #fragments: true