Support the ongoing development of →
Input Session Validation
Last updated 2 years ago.

I'm hoping this gets a response as well. We've experienced this in L4.2 and now L5.0.

A small percentage of our visitors appear to have cookies disabled, so their form posts are met with TokenMismatchExceptions. We use jQuery ajax posts to an API route but I believe you can simulate this on any CSRF-protected form.

I'd try to capture the laravel_session cookie value and manually pass that in as a form parameter, registering the session from the destination controller. However I think we're losing some laravel security benefits by registering sessions based on query parameters.

Otherwise we will need to either remove the CSRF middeware entirely or simply accept that cookie-less users can't post public forms.

Last updated 8 years ago.

Sign in to participate in this thread!


Your banner here too?

WebDev999 webdev999 Joined 26 Jun 2015


We'd like to thank these amazing companies for supporting us

Your logo here?

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 - All rights reserved.