skip to Main Content

I’m using Laravel 11.3 to receive events from Issabel. When I sending data Via Curl in an Eventhandeler PHP AMI file from Issabel, it shows HTTP Code 419 as server respond. ChatGPT told me some changing in code but unfortunately they doesn’t work and are for previous version of Laravel. For example adding some changing in App.php like:

->withMiddleware(function (Middleware $middleware) {
    // Completely disable CSRF for testing
    $middleware->withoutCsrf();
})

That shows this error on other pages but sending data from Issabel works good.

(!) Fatal error: Uncaught Error: Call to undefined method IlluminateFoundationConfigurationMiddleware::withoutCsrf() in C:UsersAdministratorDesktoptechnotechnoavbootstrapapp.php on line 16

After some googling I use this code:

->withMiddleware(function (Middleware $middleware) {
    $middleware->validateCsrfTokens(except: [
        'missedcalls',               // Relative path
        'http://192.168.10.29/*',    // Full URL with wildcard
    ]);
})

That works good with other pages but shows http error 419 when i send data from Issabel.

Now the question is how can I disable CSRF for some addresses on Laravel 11.3. As it mentioned in these links Laravel CSRF and Laravel Changes many changes happened in Laravel 11 but there is no good documentation about. I appreciate any help.

2

Answers


  1. Add this code it should work. if not working tell me whats going on

    class VerifyCsrfToken extends BaseVerifier
    {
        /**
         * The URIs that should be excluded from CSRF verification.
         *
         * @var array<int, string>
         */
        protected $except = [
            'missedcalls',                   // Specific route
            'http://192.168.10.29/*',         // Full URL with wildcard
            'api/issabel-webhook/*',          // Example for Issabel-specific routes
        ];
    }
    
    Login or Signup to reply.
  2. Typically, you should place these kinds of routes outside of the web middleware group that Laravel applies to all routes in the routes/web.php file.

    Even in test cases its only for convenience that the CSRF middleware is automatically disabled for all routes.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search