Level 2
Yes, Inertia automatically adds the CSFR token in every POST request. The documentation shows how to do it because it's framework agnostic, but with Laravel it's done underneath by Axios.
1 like
Jun 23, 2022
5
Level 2
InertiaJS include CSRF Token
With jQuery you must include a CSRF token otherwise the request will FAIL. See code snippet.
$.ajax({
type : "POST",
url : "/landlords",
data : {
_token:$('meta[name="csrf-token"]').attr('content'),
'll_code':$('input[name=ll_code]').val(),
'first_name':$('input[name=first_name]').val(),
'middle_name':$('input[name=middle_name]').val(),
'last_name':$('input[name=last_name]').val(),
}
But If I submit a request with Inertia without CSRF token it WORKS. See code snippet below.
<script>
let values = {
first_name: null,
last_name: null,
class_name: null,
}
function handleSubmit() {
Inertia.post('/students', values)
}
</script>
Does this mean inertia includes the CSRF token automatically?
Disclaimer: Inertiajs Documentation show how to include a CSRF token.
Level 51
Interesting question;
Inertiajs uses Axios as it is mentions in the documentation; Axis itself adds the X-XSRF-TOKEN automatically from the cookies that the browser has; Laravel adds it for you also automatically :)
1 like
Level 102
@ghiath.dev Can you point to where laravel does this? Laravel shouldnt do anything todo with javascript (unless you ask it to)
Laravel adds it for you also automatically
Level 51
Laravel adds a csrf cookie for each user session and axios automatically adds it in its requests.
1 like
Level 102
@ghiath.dev Yes laravel add it to the server (laravels) session data, which axois adds it to the browser :)
1 like
Please or to participate in this conversation.