Laravel Question posted in
The official Laravel Documentation can be found here.

Laravel 419 Page Expired, works on local

I recently added a new feature to my website so that admins are able to view and delete files in storage/app/public/files/uploads

This feature works fine in my local copy but on the live server I keep getting a 419 page expired. I searched around the web and found that the most likely cause is a missing @csrf at the start of my form but I already have this in my code.

<form method="POST" action="{{route('dashboard.uploaddelete', $file)}}">
    @csrf
    <div class="modal-body">
        <p class="font-weight-bold">Are you sure you wish to delete {{$file}}? This action is irreversible!</p>
        <input type="hidden" name="filename" value="{{$file}}">
    </div>
    <div class="modal-footer">
        <button type="submit" class="btn btn-danger">Delete</button>
        <button type="button" class="btn btn-light" data-dismiss="modal">Cancel</button>
    </div>
</form>

I have tried clearing artisan cache, routes, views and config but no luck.

Any help would be appreciated, thanks!

Tags:

2

Answers


  1. 0

    This solution has worked for me:

    Open the file config/session.php and made some changes:

    update the values:

    'lifetime' => 120, 
'domain' => env('SESSION_DOMAIN', null),
'secure' => env('SESSION_SECURE_COOKIE', false),

    Also check the storage/ folder have an proper permission.

    After that open the terminal and run those commands:

    php artisan cache:clear
php artisan config:clear
php artisan view:clear
php artisan route:clear
    Login or Signup to reply.
  2. 0

    Mostly 419 error is thrown when the csrf token is being mismatched.

    • Firstly, try using the webstie in the incognito window, if it worked
      then the issue is with the cache memories.

    • You can manually view the csrf token: {{ csrf_token() }} and check
      whether it matches with the token saved in the session.

    • You can increase the life time of the session in config/session.php file by changing the lifetime value or change it in the .env file by using this SESSION_LIFETIME=120

    • Check both the form and your site uses HTTPS protocol

    • Check .env config, make sure you have both SESSION_DOMAIN and APP_URL
      are same

    If you are using AJAX call, then you need to pass the csrf token in the header.

    • Add an meta tag to save the csrf token in it

    < meta name="csrf-token" content="{{ csrf_token() }}">

    • Then in your ajax, add the header

    headers: {‘X-CSRF-TOKEN’:
    $(‘meta[name="csrf-token"]’).attr(‘content’)}

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search