Home/ Questions/Q 9146035
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T10:39:40+00:00

In the Symfony 2 template documentation it recommends embedding a controller within a template

  • 0

In the Symfony 2 template documentation it recommends embedding a controller within a template via the render url method and provides the following example:

<div id="sidebar">
    {% render url('latest_articles', { 'max': 3 }) %}
</div>

This is fine, however is it possible to make this route only accessible to templates to prevent a user from accessing the url directly, and if so – what is the recommended way of doing it?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can define all you rendered controller routes pattern as “/_render/unique_name” or prefix them with “_render” and use access_control to secure the routes from outside world:

    # app/config/security.yml
security:
    access_control:
        - { path: ^/_render, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }
        - { path: ^/_render, roles: ROLE_NO_ACCESS }
    • 0