Recommended is this documentation on 'slim/csrf'.
To enhance security have all routes by default CSRF protection on board. The middleware that is added to all routes can be found in file 'App.php':
/**
* Middleware that add the csrf to all routes
* If you are implementing per-route checks you must disable this
*/
$app->add($container->get('csrf'));If you don't want this you can comment this line out or remove it.
In the folder 'core\Twig' you can find the file name 'TwigCsrf.php', which includes a Twig extension
to apply the CSRF keys/names to the views.
The appliance of this extension can be found in the file named 'container/singleton/View.php':
$view->addExtension( new TwigCsrf(
$container->csrf
});if ($request->getAttribute('csrf_status') === false) {
// display suitable error here
} else {
// successfully passed CSRF check
}