Support the ongoing development of →
Requests Validation
Last updated 2 years ago.

Maybe user had opened form and the session expired and with it the CSRF token also. Either increase the session expiration time or make JS logout (redirect) on session expiration.


I know that the cause should be that, but the exception should be handled by the
case ($e instanceof TokenMismatchException):

instead it is reported like an unhandled exception, or that kind of exceptions are reported into the log file even if correctly handled?

Last updated 7 years ago.

That happened again. Is it possible that the token and session is not generated if it is a bot to try to use the form? It looks not probable to me that so many users are waiting so much time to fill a form, the session's lifetime is 4 hours, I don't think that in the last 3 days 3 users did wait 4 hours before to fill a form.

Last updated 7 years ago.

The messages continue to appear, ever 3 in 3 seconds. I'm sure that it is a bot, could it be a bot which tries to use the login form?

I don't think that I could solve this with any captcha or other, the token is checked before the form validation.


1 - reload page 2 - reload / resend form 3 - regenerate token 4 - if it is form, add csrf_field()


Sign in to participate in this thread!


Your banner here too?

Kumidan kumidan Joined 29 Apr 2015


We'd like to thank these amazing companies for supporting us

Your logo here?

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 - All rights reserved.