Roni

Axios without CSRF and Requested with headers

Posted 1 year ago by Roni

Hi,

Using Laravel 5.5 and vue (I'm weak at JS) I'm making some axios requests that run both internally and externally to other content. The internal content is fine and needs CSRF tokens to protect our system. However the same CSRF are applied to external calls.

is there a way to keep using window.axios for internal calls and some other instance of axios kept for external requests?

Right now to get the externals working i've commented out the following:

bootstrap.js

window.axios = require('axios');

// window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';

/**
 * Next we will register the CSRF Token as a common header with Axios so that
 * all outgoing HTTP requests automatically have it attached. This is just
 * a simple convenience so we don't have to attach every token manually.
 */
//
// let token = document.head.querySelector('meta[name="csrf-token"]');
//
// if (token) {
//     window.axios.defaults.headers.common['X-CSRF-TOKEN'] = token.content;
// } else {
//     console.error('CSRF token not found: https://laravel.com/docs/csrf#csrf-x-csrf-token');
// }


That solves all the external issues but removes protection on the system.

How can I make something like externalAxios to make external calls while keeping axios for internals?

Thanks in advance for your time.

Please sign in or create an account to participate in this conversation.

Laracasts Mascot

Hi, Have We Met Yet?

Did you know that, in addition to the forum, Laracasts includes well over 1000 lessons on modern web development? All for the price of one lunch out per month.

Sign Me Up

Channels

Reply to

Use Markdown with GitHub-flavored code blocks.