Level 2
try using {{ csrf_field() }} instead of token (remove the input for the token and place the csrf_field code directly beneath your tag.
Jul 17, 2017
2
Level 10
Invalid CSRF Token
Hey guys,
i have a confusing problem with CSRF-Token validation. Every form has a hidden _token input. Sometimes there is even a page with multiple forms and of course a hidden _token field.
Its a app for a client and he works with multiple tabs and report the problem he often get the error "InvalidTokenMismatch" even when the page is "fresh". He doesn't idle for a long time.
Any thoughts? Session timeout is at the default 120 min (database). Any problems on using the site with multiple tabs?
it's very confusing...
Level 10
The hidden token field is auto generated by the illuminate Form class.
Please or to participate in this conversation.