X-Git-Url: https://git.rapsys.eu/blog/blobdiff_plain/ac322d2577e26848be237c712a572542c583836c..2493d0b1cfe222bcd0db428ef974c6f218323c8e:/config/packages/csrf.yaml

diff --git a/config/packages/csrf.yaml b/config/packages/csrf.yaml
new file mode 100644
index 0000000..40d4040
--- /dev/null
+++ b/config/packages/csrf.yaml
@@ -0,0 +1,11 @@
+# Enable stateless CSRF protection for forms and logins/logouts
+framework:
+    form:
+        csrf_protection:
+            token_id: submit
+
+    csrf_protection:
+        stateless_token_ids:
+            - submit
+            - authenticate
+            - logout