Support the ongoing development of Laravel.io →
cmarenburg
posted 10 years ago
Forms
Last updated 2 years ago.
0
jimmypuckett
replied 10 years ago

My guess is that you are forcing a CSRF filter on a get route within your group.

Last updated 2 years ago.
0
cmarenburg
replied 10 years ago

Yah that would make since. So where they are the resourceful do you think it would be better to do the CSRF filters in the controllers instead of on the routes?

Last updated 2 years ago.
0
ipalaus
replied 10 years ago

You could check for the request method in your route filter and bypass those you don't need CSRF.

Route::filter('csrf', function()
{
	if (Request::getMethod() !== 'GET' && Session::token() != Input::get('_token'))
	{
		throw new Illuminate\Session\TokenMismatchException;
	}
});
Last updated 2 years ago.
0
cmarenburg
replied 10 years ago

ipalaus said:

You could check for the request method in your route filter and bypass those you don't need CSRF.

Route::filter('csrf', function()
{
  if (Request::getMethod() !== 'GET' && Session::token() != Input::get('_token'))
  {
  	throw new Illuminate\Session\TokenMismatchException;
  }
});

Thanks - I just was not sure how to figure check what the request method was! cheers

Last updated 2 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Cmarenburg cmarenburg Joined 25 Feb 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
Skynet Technologies
BairesDev
Remotely Works
Dotcom-monitor
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X Twitter GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise