How to Disable CSRF token in Laravel Application

|
| By Webner

CSRF stands for cross-site request forgery. CSRF token is basically used for security purpose in Laravel forms. To understand how it works read here: https://laravel.com/docs/5.4/csrf

How to disable it if required?

CSRF protection is enabled by default in all routes of Laravel 5. We can disable it for specific routes by modifying app>Http>Middleware>VerifyCsrfToken.php file of your application or you can disable it as a whole.

1. Open your app>Http>Kernel.php file and scroll downward to MiddlewareGroups. This is something look like this in Laravel 5:

1

2. Then what you have to do is just comment or remove:

\app\Http\Middleware\VerifyCsrfToken::class middleware.

Commenting would be better because it may be needed in future:

2

Now you can execute your form without adding:

<input type = "hidden" name = "_token" value = "<?php echo csrf_token() ?>">

 

Leave a Reply

Your email address will not be published. Required fields are marked *