CSRF validator error

Questions Components & MVC
1

Hello,

I have a problem with overwriting the message returned when a csrf element is incorrectly validated.

When the element name is other than csrf e.g. post_csfr I keep getting the error “The form submitted did not originate from the expected site”.


[
                'name' => 'post_csrf',
                'required' => true,
                'filters' => [
                    ['name' => \Laminas\Filter\StripTags::class],
                    ['name' => \Laminas\Filter\StringTrim::class],
                ],
                'validators' => [
                    [
                        'name' => \Laminas\Validator\NotEmpty::class,
                    ],
                    [
                        'name' => \Laminas\Validator\Csrf::class,
                        'options' => [
                            'messages' => [
                                \Laminas\Validator\Csrf::NOT_SAME => 'my error message',
                            ],
                        ],
                    ],
                ],
            ],

Is this part of the code correct/allowed (I get the expected result when the input name is “csrf”):

[
      'name' => \Laminas\Validator\Csrf::class,
      'options' => [
            'messages' => [
                 \Laminas\Validator\Csrf::NOT_SAME => 'my error message',
            ],
      ],
],
2

You can set a name via the options:

[
      'name' => \Laminas\Validator\Csrf::class,
      'options' => [
            'name' => 'post_csfr',
            'messages' => [
                 \Laminas\Validator\Csrf::NOT_SAME => 'my error message',
            ],
      ],
],
3

@froschdesign
Your hint solved the problem. I did not find this in the documentation. Thank you very much! :slight_smile:

4

As already mentioned in the chat: Please create an issue report for this problem or create a pull request to solve the problem directly. Thanks in advance! :+1:t3: