PHPackages nuboxdevcom/psr15-csrf-middleware - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. nuboxdevcom/psr15-csrf-middleware AbandonedArchivedLibrary[Security](/categories/security) nuboxdevcom/psr15-csrf-middleware ================================= PSR15 Middleware For CSRF Security 1.0.2(8y ago)311MITPHPPHP ^7.1 Since Aug 25Pushed 8y ago1 watchersCompare [ Source](https://github.com/SBordier44/PSR15-CsrfMiddleware)[ Packagist](https://packagist.org/packages/nuboxdevcom/psr15-csrf-middleware)[ RSS](/packages/nuboxdevcom-psr15-csrf-middleware/feed)WikiDiscussions master Synced 2w ago READMEChangelog (1)Dependencies (5)Versions (4)Used By (0) PSR-15 CSRF Middleware ====================== [](#psr-15-csrf-middleware) [![Build Status](https://camo.githubusercontent.com/9d4c6f02d3b7ca85049554f1ec49e83918ae2248ea230e7882ba6a46b156f61c/68747470733a2f2f7472617669732d63692e6f72672f4e75424f58446576436f6d2f50535231352d437372664d6964646c65776172652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/NuBOXDevCom/PSR15-CsrfMiddleware)[![Coverage Status](https://camo.githubusercontent.com/d54b178de59fb67761ffa3f4a4328f9c3a09656f692f203258412ef45b277ecb/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6769746875622f4e75424f58446576436f6d2f50535231352d437372664d6964646c65776172652f62616467652e7376673f6272616e63683d6d6173746572)](https://coveralls.io/github/NuBOXDevCom/PSR15-CsrfMiddleware?branch=master) This middleware check every POST, PUT or DELETE request for a CSRF Token. Token are persisted using an ArrayAccess compatible Session and are generated on demand. Installation ------------ [](#installation) ``` composer require nuboxdevcom/psr15-csrf-middleware ``` How to use it ------------- [](#how-to-use-it) ``` $middleware = new CsrfMiddleware($_SESSION, 200); $app->pipe($middleware); // Generate input $input = "" ``` Middleware are constructed with this parameters: - session, **ArrayAccess|array**, used to store token - limit, **int**, limit the number of token to persist - sessionKey, **string** - formKey, **string** ### Health Score 26 — LowBetter than 41% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity8 Limited adoption so far Community4 Small or concentrated contributor base Maturity60 Established project with proven stability How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~78 days Total 3 Last Release 3075d ago PHP version history (2 changes)1.0.0PHP >=7.1.0 1.0.2PHP ^7.1 ### Community Maintainers ![](https://www.gravatar.com/avatar/fbbe019a996ca87a444f28bbb4448e1ae121ae4d94c7b08ab4a61dd7326a60e0?d=identicon)[SBordier44](/maintainers/SBordier44) --- Tags middlewaresecuritycsrfpsr15nuboxdevcom ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/nuboxdevcom-psr15-csrf-middleware/health.svg) ``` [![Health](https://phpackages.com/badges/nuboxdevcom-psr15-csrf-middleware/health.svg)](https://phpackages.com/packages/nuboxdevcom-psr15-csrf-middleware) ``` ### Alternatives [paragonie/anti-csrf Paragon Initiative's Anti-CSRF Security Library 304211.3k5](/packages/paragonie-anti-csrf)[owasp/csrf-protector-php CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app. 215363.8k5](/packages/owasp-csrf-protector-php)[ayesh/stateless-csrf Secret-key based state-less CSRF token generator and validator for PHP 8. State-less means you do not have to store the CSRF token in session or database. 3224.0k](/packages/ayesh-stateless-csrf)[riimu/kit-csrf Secure and simple CSRF library protected against timing and BREACH attacks 6526.9k](/packages/riimu-kit-csrf)[selective/samesite-cookie Secure your site with SameSite cookies 10145.3k](/packages/selective-samesite-cookie)[dneustadt/csrf-cookie-bundle CSRF protection cookie for use with XHR 1380.3k1](/packages/dneustadt-csrf-cookie-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)