Question 136655 in PHP Question posted in
Official manual can be found here.

Php – Why am I getting error CSRF Token mismatch only on my first load after login in my Laravel 8 application?

I’ve got a form that has some fields that their values are loaded in by an ajax call to a controller after the first input is filled.

I have added the token as an input to my form with "@csrf" in my blade file.

To make the Ajax call I’m sending the CSRF token in the data section.

The first time I login my application and load the page where the form is located I get the "CSRF Token Mismatch" error when doing the Ajax call. If I reload the page normally with F5 key or just clicking the reload button on my browser, it works flawlessly.

What is producing this behaviour in my application and how can I fix it?

I know we can bypass this issue by disabling the token protection for this route, but that’s the last thing I want to do.

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    I figured out that I can make a GET call to my controller without having to care about the token. With that in mind I made the controller regenerate my session token and send it back to the view.

    The token I just sent to the view will be used for the POST ajax calls and works perfect.


  2. 0

    You must send CSRF Token into ajax headers. if you don’t have

    <meta name="csrf-token" content="{{ csrf_token() }}" />

    you can add this code inside of <head></head> tag in your html. after that you can send csrf token into headers ajax request like this

    $.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});

    but another way you can add to headers ajax directly like this

    $.ajaxSetup({
  headers: {
    'X-CSRF-TOKEN': `{{ csrf_token() }}`
  }
});
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search