diff --git a/symfony/framework-bundle/7.2/config/packages/framework.yaml b/symfony/framework-bundle/7.2/config/packages/framework.yaml
index 7e1ee1f1e..a6e39940b 100644
--- a/symfony/framework-bundle/7.2/config/packages/framework.yaml
+++ b/symfony/framework-bundle/7.2/config/packages/framework.yaml
@@ -1,6 +1,9 @@
# see https://symfony.com/doc/current/reference/configuration/framework.html
framework:
secret: '%env(APP_SECRET)%'
+ form:
+ csrf_protection:
+ cookie_name: x-csrf-token
# Note that the session will be started ONLY if you read or write from it.
session: true
diff --git a/symfony/stimulus-bundle/2.19/assets/bootstrap.js b/symfony/stimulus-bundle/2.19/assets/bootstrap.js
new file mode 100644
index 000000000..2689398a6
--- /dev/null
+++ b/symfony/stimulus-bundle/2.19/assets/bootstrap.js
@@ -0,0 +1,2 @@
+// register any custom, 3rd party controllers here
+// app.register('some_controller_name', SomeImportedController);
diff --git a/symfony/stimulus-bundle/2.19/assets/controllers.json b/symfony/stimulus-bundle/2.19/assets/controllers.json
new file mode 100644
index 000000000..a1c6e90cf
--- /dev/null
+++ b/symfony/stimulus-bundle/2.19/assets/controllers.json
@@ -0,0 +1,4 @@
+{
+ "controllers": [],
+ "entrypoints": []
+}
diff --git a/symfony/stimulus-bundle/2.19/assets/controllers/csrf_protection_controller.js b/symfony/stimulus-bundle/2.19/assets/controllers/csrf_protection_controller.js
new file mode 100644
index 000000000..06f916d15
--- /dev/null
+++ b/symfony/stimulus-bundle/2.19/assets/controllers/csrf_protection_controller.js
@@ -0,0 +1,35 @@
+document.addEventListener('submit', function (event) {
+ let csrfField = event.target.querySelector('input[data-controller="csrf-protection"]');
+
+ if (!csrfField) {
+ return;
+ }
+
+ let csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie');
+
+ if (!csrfCookie) {
+ csrfField.setAttribute('data-csrf-protection-cookie', csrfCookie = csrfField.value);
+ }
+
+
+ if (!/^[-a-zA-Z0-9_]+$/.test(csrfCookie)) {
+ return
+ }
+
+ let csrfToken = btoa(String.fromCharCode.apply(null, (window.crypto || window.msCrypto).getRandomValues(new Uint8Array(18))));
+ csrfField.value = csrfToken;
+ let cookie = csrfCookie + '_' + csrfToken + '=' + csrfCookie + '; path=/; samesite=strict';
+
+ document.cookie = window.location.protocol === 'https:' ? '__Host-' + cookie + '; secure' : cookie;
+});
+
+document.addEventListener('turbo:submit-start', function (event) {
+ let csrfField = event.detail.formSubmission.formElement.querySelector('input[data-controller="csrf-protection"]');
+
+ if (csrfField) {
+ event.detail.formSubmission.fetchRequest.headers[csrfField.getAttribute('data-csrf-protection-cookie')] = csrfField.value;
+ }
+});
+
+/* stimulusFetch: 'lazy' */
+export default 'csrf-protection-controller';
diff --git a/symfony/stimulus-bundle/2.19/assets/controllers/hello_controller.js b/symfony/stimulus-bundle/2.19/assets/controllers/hello_controller.js
new file mode 100644
index 000000000..e847027bd
--- /dev/null
+++ b/symfony/stimulus-bundle/2.19/assets/controllers/hello_controller.js
@@ -0,0 +1,16 @@
+import { Controller } from '@hotwired/stimulus';
+
+/*
+ * This is an example Stimulus controller!
+ *
+ * Any element with a data-controller="hello" attribute will cause
+ * this controller to be executed. The name "hello" comes from the filename:
+ * hello_controller.js -> "hello"
+ *
+ * Delete this file or adapt it for your use!
+ */
+export default class extends Controller {
+ connect() {
+ this.element.textContent = 'Hello Stimulus! Edit me in assets/controllers/hello_controller.js';
+ }
+}
diff --git a/symfony/stimulus-bundle/2.19/manifest.json b/symfony/stimulus-bundle/2.19/manifest.json
new file mode 100644
index 000000000..428949575
--- /dev/null
+++ b/symfony/stimulus-bundle/2.19/manifest.json
@@ -0,0 +1,41 @@
+{
+ "bundles": {
+ "Symfony\\UX\\StimulusBundle\\StimulusBundle": ["all"]
+ },
+ "copy-from-recipe": {
+ "assets/": "assets/"
+ },
+ "aliases": ["stimulus", "stimulus-bundle"],
+ "conflict": {
+ "symfony/framework-bundle": "<7.2",
+ "symfony/security-csrf": "<7.2",
+ "symfony/webpack-encore-bundle": "<2.0",
+ "symfony/flex": "<1.20.0 || >=2.0.0,<2.3.0"
+ },
+ "add-lines": [
+ {
+ "file": "webpack.config.js",
+ "content": "\n // enables the Symfony UX Stimulus bridge (used in assets/bootstrap.js)\n .enableStimulusBridge('./assets/controllers.json')",
+ "position": "after_target",
+ "target": ".splitEntryChunks()"
+ },
+ {
+ "file": "assets/app.js",
+ "content": "import './bootstrap.js';",
+ "position": "top",
+ "warn_if_missing": true
+ },
+ {
+ "file": "assets/bootstrap.js",
+ "content": "import { startStimulusApp } from '@symfony/stimulus-bridge';\n\n// Registers Stimulus controllers from controllers.json and in the controllers/ directory\nexport const app = startStimulusApp(require.context(\n '@symfony/stimulus-bridge/lazy-controller-loader!./controllers',\n true,\n /\\.[jt]sx?$/\n));",
+ "position": "top",
+ "requires": "symfony/webpack-encore-bundle"
+ },
+ {
+ "file": "assets/bootstrap.js",
+ "content": "import { startStimulusApp } from '@symfony/stimulus-bundle';\n\nconst app = startStimulusApp();",
+ "position": "top",
+ "requires": "symfony/asset-mapper"
+ }
+ ]
+}
diff --git a/symfony/ux-turbo/2.19/assets/vue/controllers/Hello.vue b/symfony/ux-turbo/2.19/assets/vue/controllers/Hello.vue
new file mode 100644
index 000000000..2812aa432
--- /dev/null
+++ b/symfony/ux-turbo/2.19/assets/vue/controllers/Hello.vue
@@ -0,0 +1,9 @@
+
+ Hello {{ name }}!
+
+
+
diff --git a/symfony/ux-turbo/2.19/manifest.json b/symfony/ux-turbo/2.19/manifest.json
new file mode 100644
index 000000000..48149c60a
--- /dev/null
+++ b/symfony/ux-turbo/2.19/manifest.json
@@ -0,0 +1,14 @@
+{
+ "conflict": {
+ "symfony/framework-bundle": "<7.2",
+ "symfony/security-csrf": "<7.2"
+ },
+ "add-lines": [
+ {
+ "file": "config/packages/framework.yaml",
+ "position": "after_target",
+ "target": " csrf_protection:",
+ "content": " check_header: true"
+ }
+ ]
+}