function CsrfExceptionSubscriber::on403

Same name and namespace in other branches
  1. 10 core/lib/Drupal/Core/EventSubscriber/CsrfExceptionSubscriber.php \Drupal\Core\EventSubscriber\CsrfExceptionSubscriber::on403()

Handles a 403 error for HTML.

Parameters

\Symfony\Component\HttpKernel\Event\ExceptionEvent $event: The event to process.

File

core/lib/Drupal/Core/EventSubscriber/CsrfExceptionSubscriber.php, line 32

Class

CsrfExceptionSubscriber
Handles exceptions related to CSRF access.

Namespace

Drupal\Core\EventSubscriber

Code

public function on403(ExceptionEvent $event) : void {
    $request = $event->getRequest();
    $routeMatch = RouteMatch::createFromRequest($request);
    $route = $routeMatch->getRouteObject();
    if (!$route->hasRequirement('_csrf_token') || empty($route->getOption('_csrf_confirm_form_route'))) {
        return;
    }
    $event->setResponse(new RedirectResponse(Url::fromRoute($route->getOption('_csrf_confirm_form_route'))
        ->toString()));
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.