Support the ongoing development of Laravel.io →
posted 10 years ago
Forms
Last updated 2 years ago.
0

My guess is that you are forcing a CSRF filter on a get route within your group.

Last updated 2 years ago.
0

Yah that would make since. So where they are the resourceful do you think it would be better to do the CSRF filters in the controllers instead of on the routes?

Last updated 2 years ago.
0

You could check for the request method in your route filter and bypass those you don't need CSRF.

Route::filter('csrf', function()
{
	if (Request::getMethod() !== 'GET' && Session::token() != Input::get('_token'))
	{
		throw new Illuminate\Session\TokenMismatchException;
	}
});
Last updated 2 years ago.
0

ipalaus said:

You could check for the request method in your route filter and bypass those you don't need CSRF.

Route::filter('csrf', function()
{
  if (Request::getMethod() !== 'GET' && Session::token() != Input::get('_token'))
  {
  	throw new Illuminate\Session\TokenMismatchException;
  }
});

Thanks - I just was not sure how to figure check what the request method was! cheers

Last updated 2 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Cmarenburg cmarenburg Joined 25 Feb 2014

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 Laravel.io - All rights reserved.