Question
I have a form called ObjectCollectionOuterForm which extends from sfForm. ObjectCollectionOuterForm is the main form of an embedded form, each embedded form has disabled its csrf with: $this->disableLocalCSRFProtection(), so now my form protection depends on the outer form but since it´s not a sfFormDoctrine dependent it has a field called _csrf_token but with no value inside. How can I generate it?
Solution
The CSRF protection is handled by sfForm class, it has nothing to do with sfFormDoctrine. The secret should get generated for you, but if you have problems you can pass it as a third argument to your form's constructor:
https://stackoverflow.com/questions/20099855
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian$form = new ObjectCollectionOuterForm($defaults, $options, $CSRFSecret);
