Working on older projects (as I tend to do), I often get various requirements for security enhancements.
A few days ago, somebody apparently ordered a security test of a site I was working on, so yesterday I got the report:
3 HIGH security errors, one being that we had no CSRF tokens on the forms.
gah…
I started searching for a nice CSRF token package, but the cool ones from Symfony etc. used a lot of internal things, and this project I worked on didn’t really use a nice framework (it’s old – but upgraded through the years it’s been in service... no main framework though).
So I got my hands dirty and created a new package to handle this 🙂
The package is called jimmiw/csrf and is available on GitHub and Packagist.
To install it, write:
composer require jimmiw/csrf
And you are good to go. Read the README.md file for more info about how to use the package.
Please note that it’s already in version 2!… I guess I released it a bit fast yesterday and then today I changed the API…
Anyways, the unit test proves that it works 🙂