Laravel - @csrf directive generates a validation error - PhpOut

Dom
December 2, 2023
152 views
1 vote
2 Answers

I use Laravel 10 and @csrf directive in my forms. I just noticed that this directive generates a w3C validation error:

An “input” element with a “type” attribute whose value is “hidden”
must not have an “autocomplete” attribute whose value is “on” or
“off”.

Because it generates this HTML code:

<input type="hidden" name="_token" value="aOZTBSeC6yErTEjpVskiG9c6YSaileoWLb6CGkrT" autocomplete="off">

I like to have pages with 0 errors (it might be useless). So, how can I no longer have this error?

Tags: laravel laravel-10

Answers

- KarlHill
- December 2, 2023 at 4:51 pm
- 0 votes
0
You can manually generate the CSRF token input without the autocomplete attribute. In your form, replace @csrf with…
```
<input type="hidden" name="_token" value="{{ csrf_token() }}">
```
This will generate a hidden input field without the autocomplete attribute, eliminating the validation error. Your form should look something like the following.
```
<form method="post" action="{{ route('your.route.name') }}">
    
    <input type="hidden" name="_token" value="{{ csrf_token() }}">
    <button type="submit">Submit</button>
</form>
```
Login or Signup to reply.

- DenisSinyukov
- December 2, 2023 at 6:32 pm
- 0 votes
0
you can override the csrf_field function in your helpers.php file.
1. Create a helpers.php file in the root folder
2. in the index.php file before require __DIR__.'/../vendor/autoload.php'; add require __DIR__.'/../helpers.php';
3. now the csrf_field function will be overridden by your
4. use @csrf and render your code
```
if (! function_exists('csrf_field')) {
    /**
     * Generate a CSRF token form field.
     */
    function csrf_field()
    {
        return '<input type="hidden" name="_token" value="'.csrf_token().'">';
    }
}
```
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.