Skip to content

Commit

Permalink
Avoid error if token is not string
Browse files Browse the repository at this point in the history
  • Loading branch information
@natanfelles
natanfelles committed Jan 27, 2025
1 parent 148cb9e commit 5383794
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/AntiCSRF.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,8 @@ public function setToken(?string $token = null) : static
*/
public function getUserToken() : ?string
{
return $this->request->getParsedBody($this->getTokenName());
$token = $this->request->getParsedBody($this->getTokenName());
return \is_string($token) ? $token : null;
}

/**
Expand Down
11 changes: 11 additions & 0 deletions tests/AntiCSRFTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,17 @@ public function testUserTokenEmpty() : void
self::assertFalse($this->anti->verify());
}

public function testUserTokenIsNotString() : void
{
$this->prepare();
$_POST = [
'csrf_token' => [
'foo' => 'bar',
],
];
self::assertFalse($this->anti->verify());
}

public function testVerifySuccess() : void
{
$this->prepare();
Expand Down

0 comments on commit 5383794

Please sign in to comment.