Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I need to log in to a system using curl commands but I don’t know how to skip CSRF authentication.
I tried the following but it didn’t work:
curl -d "form_username_input_name=username&form_passowrd_input_name=password" url
How do I achieve what I want?
I think you need to create a separate login dedicated to the cURL login. You won’t be able to by pass the CSRF protection (in fact this is why it was made).
So,
sfGuardAuthmodule in your appexecuteLoginCurlsfGuardValidatorUser$this->getUser()->signIn(...)to sign in the userI recommend you to use a protection to avoid other application to cURL this module/action and try to brute force the login. You can, for example, make a restriction for this action on IP.