My guess is that you are forcing a CSRF filter on a get route within your group.
Yah that would make since. So where they are the resourceful do you think it would be better to do the CSRF filters in the controllers instead of on the routes?
You could check for the request method in your route filter and bypass those you don't need CSRF.
Route::filter('csrf', function()
{
if (Request::getMethod() !== 'GET' && Session::token() != Input::get('_token'))
{
throw new Illuminate\Session\TokenMismatchException;
}
});
ipalaus said:
You could check for the request method in your route filter and bypass those you don't need CSRF.
Route::filter('csrf', function() { if (Request::getMethod() !== 'GET' && Session::token() != Input::get('_token')) { throw new Illuminate\Session\TokenMismatchException; } });
Thanks - I just was not sure how to figure check what the request method was! cheers
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community