Installation
Notice: the {{ errors }} and {{ success }} tags won't work with this. As you're redirecting back to the same static page. Best options for this is to have basic html validation for the fields, and on success redirect to a success page.
Installation
- Copy the "DynamicToken" folder contents to your Statamic
site/addonsdirectory - Run
php please update:addonsto load the addons dependencies.
Configuration
You can configure the addon by visiting CP > Addons > Dynamic Token:
- Refresh interval - an interval for updating your csrf token every
nminutes. - CSS Selector - If you want to change the default selector, note this will break
{{ form:create }}.
Usage
- disable CSRF verification by adding
/!/DynamicTokento thecsrf_excludearray insite/settings/system.yaml. Don't worry we check that the referrer is comming from yourAPP_URL, but this still carries its own risks. - add a
{{ dynamic_token }}to your layout file just before</body>tag. - add an
APP_URL=<your_site_url>to your.envfile. e.g.:APP_URL=site.comlocal development:APP_URL=localhost
Examples
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Dynamic Token</title>
</head>
<body>
{{ form:create in="superfans" }}
{{ fields }}
<label>{{ display }}
<input type="text" name="{{ field }}" value="{{ old }}" />
</label>
{{ /fields }}
{{ /form:create }}
{{ dynamic_token }}
</body>
</html>
License
Icons made by Freepik from www.flaticon.com