Disable symfony 2 csrf token protection on ajax submit

Question

i\'m building a mobile app talking to my symfony2 app via webservices I can\'t find a way to disable csrf protection on a specific controller/action

i want to post r

Answer 1

I can't be 100% sure but I think I read somewhere that you can pass csrf_provider option while creating form.

All providers are subtypes of interface Symfony\Component\Form\Extension\Csrf\CsrfProvider and you should be able to create your own:

class MyNonCsrfProvider extends DefaultCsrfProvider{
    public function isCsrfTokenValid($intention, $token)
    {
        return true;
    }
}

and in controller:

$this->createForm(new CustomFormType(), array(
    'csrf_provider' => new MyNonCsrfProvider()
));

I haven't tried this myself but this sounds like a possible solution...