0

I'm using Laravel 5.1 and i'm tryin to disable csrf validation for this route to be able to perform some remote validations using Jquery Form Validator : 

Route::post('verify', 'formController@check');

As mentioned in the documentation, I just have to add my URI to the $excludeproperty. whice I did : 

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;

class VerifyCsrfToken extends BaseVerifier
{
/**
 * The URIs that should be excluded from CSRF verification.
 *
 * @var array
 */
protected $except = [
    'verify',
];
}

That did not work, So I tried to disable csrf validation for the whole application : 

class Kernel extends HttpKernel
{
protected $middleware = [
    ...
    //\App\Http\Middleware\VerifyCsrfToken::class,
];
protected $routeMiddleware = [
    ...
];
}

That did not work either. I keep getting this error on the console :

POST http://domain.name/verify 500 (Internal Server Error)

whice exactly points to this line(The validator's js file):

ajax({url:b,type:"POST",cache:!1,data:g,dataType:"json",error:function(a){return h({valid:!1,message:"Connection failed with status: "+a.statusText},f),!1}

What am I missing? thanks for your help.

Improve this question
3
  • If you have disabled CSRF for the whole application and that route still doesn't work, then your problem is not CSRF. You either have an issue with your route or the way you are calling it. Commented Jan 26, 2016 at 15:58
  • If you had the "CSRF" problem you should have the CSRF error, so, as Andy has said, there must be another problem. Commented Jan 26, 2016 at 16:01
  • 1
    Check your server error log. Commented Jan 26, 2016 at 16:16

2 Answers 2

Reset to default
1

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;

class VerifyCsrfToken extends BaseVerifier {

protected $except_urls = [
    'verify'
];

public function handle($request, Closure $next)
{
    $regex = '#' . implode('|', $this->except_urls) . '#';

    if ($this->isReading($request) || $this->tokensMatch($request) || preg_match($regex, $request->path()))
    {
        return $this->addCookieToResponse($request, $next($request));
    }

    throw new TokenMismatchException;
}

}

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Solved the problem.

For Laravel 5 and above, adding protected $except = ['verify',]; to App\Http\Middleware\VerifyCsrfToken.php does solve the problem.

NB : Google's inspect tool (Network menu) helped me understand what was really happening.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.