Disable CSRF on specific Routes

Submitted by aglipanci - 2 years ago

CSRF is enabled by default on all Routes in Laravel 5, you can disable it for specific routes by modifying app/Http/Middleware/VerifyCsrfToken.php

//app/Http/Middleware/VerifyCsrfToken.php

//add an array of Routes to skip CSRF check
private $openRoutes = ['free/route', 'free/too'];

//modify this function
public function handle($request, Closure $next)
    {
        //add this condition 
		foreach($this->openRoutes as $route) {

			if ($request->is($route)) {
				return $next($request);
			}
		}
		
		return parent::handle($request, $next);
	}
comments powered by Disqus

Ads cover the costs of maintaining Laravel-tricks