How to Disable CSRF token in Laravel Application

| By Webner

CSRF stands for cross-site request forgery. CSRF token is basically used for security purpose in Laravel forms. To understand how it works read here:

How to disable it if required?

CSRF protection is enabled by default in all routes of Laravel 5. We can disable it for specific routes by modifying app>Http>Middleware>VerifyCsrfToken.php file of your application or you can disable it as a whole.

1. Open your app>Http>Kernel.php file and scroll downward to MiddlewareGroups. This is something look like this in Laravel 5:


2. Then what you have to do is just comment or remove:

\app\Http\Middleware\VerifyCsrfToken::class middleware.

Commenting would be better because it may be needed in future:


Now you can execute your form without adding:

<input type = "hidden" name = "_token" value = "<?php echo csrf_token() ?>">


Leave a Reply

Your email address will not be published. Required fields are marked *