Merge pull request #302 from skipperbent/v3

V3

README.md

@@ -709,6 +709,20 @@ You can get the CSRF-token by calling the helper method:
 csrf_token();
 ```
 
+The default name/key for the input-field is `csrf_token` and is defined in the `POST_KEY` constant in the `BaseCsrfVerifier` class.
+You can change the key by overwriting the constant in your own CSRF-verifier class.
+
+**Example:**
+
+The example below will post to the current url with a hidden field "`csrf_token`".
+
+```html
+<form method="post" action="<?= url(); ?>">
+    <input type="hidden" name="csrf_token" value="<?= csrf_token(); ?>">
+    <!-- other input elements here -->
+</form>
+```
+
 ---
 
 # Middlewares

src/Pecee/Http/Middleware/BaseCsrfVerifier.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Pecee\Http\Middleware;
 
 use Pecee\CsrfToken;

src/Pecee/SimpleRouter/Router.php

@@ -285,7 +285,8 @@ class Router
         }
 
         if ($routeNotAllowed === true) {
-            $this->handleException(new HttpException('Route or method not allowed', 403));
+			$message = sprintf('Route "%s" or method "%s" not allowed.', $this->request->getUri()->getPath(), $this->request->getMethod());
+            $this->handleException(new HttpException($message, 403));
         }
 
         if ($this->request->getLoadedRoute() === null) {
@@ -594,4 +595,4 @@ class Router
         return $this;
     }
 
-}
+}