jevanswater
jrmadsen67
/ gist:bd0f9ad0ef1ed6bb594e
Last active
August 19, 2024 10:37
Laravel Quick Tip: Handling CsrfToken Expiration gracefully
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Quick tip for handling CSRF Token Expiration - common issue is when you use csrf protection is that if | |
| a form sits there for a while (like a login form, but any the same) the csrf token in the form will | |
| expire & throw a strange error. | |
| Handling it is simple, and is a good lesson for dealing with other types of errors in a custom manner. | |
| In Middleware you will see a file VerifyCsrfToken.php and be tempted to handle things there. DON'T! | |
| Instead, look at your app/Exceptions/Handler.php, at the render($request, Exception $e) function. | |
| All of your exceptions go through here, unless you have excluded them in the $dontReport array at the |
roNn23
/ laravel.js
Last active
July 16, 2019 11:41
— forked from JeffreyWay/laravel.js
Updated delete-script of Jeffrey Way to work with Laravel 5. And optimized the implementation for the CSRF token. #laravel
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| <a href="posts/2" data-method="delete"> <---- We want to send an HTTP DELETE request | |
| - Or, request confirmation in the process - | |
| <a href="posts/2" data-method="delete" data-confirm="Are you sure?"> | |
| Add this to your view: | |
| <script> | |
| window.csrfToken = '<?php echo csrf_token(); ?>'; |