Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I have disabled cookies for my website and get TokenMismatchException. Since I am using sessions file driver why do I get TokenMismatchException when I disable cookies for my website?
You should disable this line: \App\Http\Middleware\VerifyCsrfToken::class in your kernel.php. But then you're aren't protected anymore against CSRF.
Or just add this to your form:
<form method="POST" action="/action">
{{ csrf_field() }}
...
</form>
I have {{ csrf_field() }} added to the form, that is what's puzzling me, here is the post value for token that was sent with request: _token J0Y0t2hj3jjVFMdGCch0apliPqlz1lZlwUc0VqCk
Please or to participate in this conversation.