|JSONResponse, array{}> * * 200: CSRF token returned * 403: Strict cookie check failed */ #[PublicPage] #[NoCSRFRequired] #[FrontpageRoute(verb: 'GET', url: '/csrftoken')] public function index(): JSONResponse { if (!$this->request->passesStrictCookieCheck()) { return new JSONResponse([], Http::STATUS_FORBIDDEN); } $requestToken = $this->tokenManager->getToken(); return new JSONResponse([ 'token' => $requestToken->getEncryptedValue(), ]); } }