0

I am getting this CSRF token error and when I look around everyone just said that all I need is to use {{ csrf_field() }} when I submit my data. In the past, it was working fine but after some time, I got this error and I can't submit my data or even edit my data at all. Can someone help me here thanks.

enter image description here

Please tell me where did I go wrong? What am I suppose to do here

edit.blade.php (this is the csrf part)

        <form class="form-horizontal" method="post" action="{{ url('/user/show/'.$object->id) }}">

          {{ method_field('PUT')  }}
          {{ csrf_field() }}

         <div class="input-group">
            <label><b>Name/NRIC:</b></label>
              <input type="text" name="Name" value="{{ $object->Name }}" class="form-control">
        </div>
</form>

app.js (laravel default not mine, this is what I saw)

/**
 * We'll load the axios HTTP library which allows us to easily issue requests
 * to our Laravel back-end. This library automatically handles sending the
 * CSRF token as a header based on the value of the "XSRF" token cookie.
 */

window.axios = __webpack_require__(16);

window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';

/**
 * Next we will register the CSRF Token as a common header with Axios so that
 * all outgoing HTTP requests automatically have it attached. This is just
 * a simple convenience so we don't have to attach every token manually.
 */

var token = document.head.querySelector('meta[name="csrf-token"]');

if (token) {
  window.axios.defaults.headers.common['X-CSRF-TOKEN'] = token.content;
} else {
  console.error('CSRF token not found: https://laravel.com/docs/csrf#csrf-x-csrf-token');
}

EDIT: Not sure if this is related but since it is the login part just want to know if it affects this.

I have actually 2 app.blade.php for the layout so was wondering is that the reason which is causing this whole problems?

Improve this question
18
  • Please show the related code. Commented Jan 10, 2018 at 8:46
  • Is it an Ajax call ?? Commented Jan 10, 2018 at 8:48
  • Ajax call? Sorry what do you mean by that, I just do it normally based on what I saw on tutorial videos and from documents @Maraboc Commented Jan 10, 2018 at 8:49
  • @AlexeyMezenin I have updated the question with my code that I think is related Commented Jan 10, 2018 at 8:49
  • i mean via javaScript, so it's not ajax then :) Commented Jan 10, 2018 at 8:51

5 Answers 5

Reset to default
5

Go to your master blade or app.blade.php and make sure you add this :

<meta name="csrf-token" content="{{ csrf_token() }}">
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

are you extending that blade
Yup, in every blade page I used something like this, @extends('layouts.app')
Hi I have updated the question, and would like to know if that could be the cause
Thanks! This fixed it for me too; it might be due to some Laravel update. Can't say for sure if the line was there, or not, prior to 5.8.
3

you need to add this into your head tag

 <meta name="csrf-token" content="{{csrf_token}}">

this error will not be shown anymore.

for more details go here for more details

Improve this answer

2 Comments

@Dkna stackoverflow.com/questions/44988755/… look at my answer here
Yup I saw it and it is exactly what you said, I have followed that already. I checked that if it is at the head tag and it is. This was the default layout laravel gave when I used the authentication and I didn't change anything
0

Start and end of your form 

{!!
    Form::
    open(
    array(
    'id'=>'FormIF',
    'name'=>'FormName',
    'autocomplete'=>'off' ,
    'url' =>route('route_to_post_method')
    )
    )
    !!}

//Form Body

{!! Form::close() !!}
Improve this answer

3 Comments

Just asking then where do I put the action and method part of the form?
url for action and method not needed. It default uses POST
just check html of your form via browser and see if something like <input name="_token" type="hidden" value="u0erOF5UHhRxyFJ2l9tJ3RlvrWVysPBGEGdd7M8q"> is there or not
0

open your inspector and make sure the meta tag is placed in head . if you find meta placed in body , so you may include script out of section field in your section script, you must include into section field.

@extends('app')
@section('content')
@include('sidebar')
Improve this answer

Comments

0

All you have to do is to check your generated HTML file ctrl+U. You will notice that your HTML <head> tag is probably placed inside of the body tag. This happens if you don't get your layout and blade sections right.

This happened to me before

@extends('layouts.main-layout')
  <h1>Laravel Project</h1> <--This will break the **generated template**
@section('content')
    <div id="app"></div>
@endsection

The <h1> will break template you will see the CSRF-token error in the console.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.