This is an experimental implementation that is used for demonstration purposes and must not be used in production environments.
It is used to describe:
- the concept of CSRF attack prevention and token generation/verification
- a possible integration in extbase action controllers
This code has not been audited by third party. It has been written for demonstration purposes only, but with "best effort" for real-world applications.
If you find a security issue in the code, please report it in the issue tracker (no confidentiality needed).