Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I'm trying to make a post request using ajax. I keep getting a 419 error. Carefully checking code and all, i have the headers set for csrf but somehow the request doesn't contain this token which results in the 419 error. The meta is set in the section of the page yet somehow not included in the request.
Anyone encountered this before and how do i fix it?
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
$.ajax({
url: "{{ route('payment-methods.store') }}",
type: "POST",
data: formData,
contentType: false,
processData: false,
success: function(response) {
if(response.success) {
Swal.fire({
icon: 'success',
title: response.msg,
timer: 1500
}).then(function() {
location.reload();
});
} else {
Swal.fire({
icon: 'error',
title: response.msg,
timer: 1500
});
}
},
error: function(error) {
console.log(error);
},
complete: function() {
$("#addPaymentMethodBtn").text('Add Payment Method');
$("#addPaymentMethodBtn").attr("disabled", false);
}
});
Do you definitely have the meta tag in the Document head?
<meta name="csrf-token" content="{{ csrf_token() }}" />
You could instead append a _token to the formData object
$.ajax({
url: "{{ route('payment-methods.store') }}",
type: "POST",
data: { _token: {{ csrf_token() }}, ...formData },
@tykus That happened to me once and I fixed it this way:
in my main form place the tag like this.
<!-- CSRF Token -->
<meta name="csrf-token" content="{{ csrf_token() }}">
In my Ajax function I call it this way.
$.ajax({
url: "{{ url('url') }}",
data: {
"_token": $("meta[name='csrf-token']").attr("content")
},
dataType: "json",
method: "POST",
success: function(response) {
//Actions if success
},
error: function() {
//Actions if error
}
});
and always check that this @csrf is in my form
@jpmg you placed a meta tag in the form??? Also, your AJAX request payload is the _token and nothing else?
@tykus Before you bother, I noticed that I post a bit similar to yours, but it takes me a long time to respond since English is not my first language... and when I respond it coincides with some posts. sorry!!
@tykus yes and it worked for me
@tykus Tried that and it didn't work. Basically tried all book option that i know and can find on the internet yet nothing.
@ComputerMaverick tried what, adding the _token to the formData?
somehow the request doesn't contain this token which results in the 419 error
This should be fixed now?
@tykus Yes, I did add the _token and it still wasn't getting added.
like the
let myForm = document.getElementById('createNutritionForm');
let formData = new FormData(myForm);
var token = $('meta[name="csrf-token"]').attr('content');
formData.set('_token', token);
@ComputerMaverick are you actually making an AJAX request, or is this a full post back to the server? How is the AJAX request triggered; if you are using a submit button on the form, is the default event prevented?
If you make no change other than adding @csrf directive to the form; does it work then (albeit not using AJAX)?
Please or to participate in this conversation.