isWhitelisted example

    public function checkBackendTokenValidation(ActionEventArgs $args)
    {
        if (!$this->isEnabledBackend) {
            return;
        }

        $controller = $args->getSubject();

        if ($this->isWhitelisted($controller)) {
            return;
        }

        $expected = $this->container->get('backendsession')->offsetGet(self::CSRF_TOKEN_HEADER);
        if (!\is_string($expected)) {
            throw new CSRFTokenValidationException('The backend session does not contain a valid CSRF token');
        }
        $token = $controller->Request()->getHeader(self::CSRF_TOKEN_HEADER);

        if (empty($token)) {
            $token = $controller->Request()->getParam(self::CSRF_TOKEN_ARGUMENT);
        }