[Form] Fix/csrf token added to prototypes, fixes #3987. #3990
Conversation
|
ping @bschussek |
|
What about <?php
// CollectionType.php
if ($options['allow_add'] && $options['prototype']) {
$prototype = $builder->create($options['prototype_name'], $options['type'], array_replace(
array('label' => $options['prototype_name'] . 'label__'),
$options['options'],
array('csrf_protection' => false)
));
$builder->setAttribute('prototype', $prototype->getForm());
} |
|
Yes, that was first what I thought about, but the form extensions should be decoupled I think, Core doesn't know about Csrf. |
|
It could be moved to the default options of a collection type extension. Not sure what is the best way to fix this. |
|
This is basically the implementation that was used before csrf refactoring, it is a bit tricky, because we're adding it and then removing. I think we could somehow identify whether the field is prototype or not, but current approach is more universal. |
|
I fixed this in a separate PR. The fix was a bit different. |
Commits ------- ccd6bbc [Form] Removed extra CSRF field on collection prototype Discussion ---------- [Form] Removed extra CSRF field on collection prototype Bug fix: yes Feature addition: no Backwards compatibility break: no Symfony2 tests pass: yes Fixes the following tickets: #3987, #3990 Todo: -  --------------------------------------------------------------------------- by bschussek at 2012-04-19T08:43:32Z Wait a minute please, I oversaw some tests that have to be adapted. --------------------------------------------------------------------------- by bschussek at 2012-04-19T09:22:45Z Fixed. ping @fabpot
Bug fix: yes.
Feature addition: no.
Backwards compatibility break: no.
Symfony2 tests pass: no, but it's not related in any way to forms.
Fixes the following tickets: #3987.
After recent refactoring of csrf protection, the token was added to all prototypes.