Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Againg symfony shitty:
look - I want to validate csrf. I found docs how to do it.
https://symfony.com/doc/2.8/...
"if ($this->isCsrfTokenValid('token_id', $submittedToken)) {
// ... do something, like deleting an object
}"
But how the fuck should I know what is token_id from this stupid writing?
I have debugged their code to find it out. What a fucking waste of time !!! Free shit. Companies could probably pay small fee for the symfony if they could find people who do better job. Because by paying salaries for finding such shit costs them anyway.
And there was a htmls where the token was:
<form name="form" method="post" action="/admin/policy/47/push-im-xml">
<button class="btn btn-xs btn-info" type="submit">Push IM XML to GA</button>
<input type="hidden" id="form__token" name="form[_token]" value="LDVrl52CYtbT-kDudsjzrNAdJuIyFZhafsgk9QDnWGs"></form>
Guess what was token_id : form
:D whf. How the fuck could I know? I have tried various ways before debugging liek form_token, form[_token], _token
Who could fucking think its 'form' ?!!!! Wth. This is a joke.9
Top Tags
Weekly Rant
View