Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

vincent15000's avatar

Laravel 12 / VueJS 3 / no starter kit, I get error 500 with /sanctum/csrf-token

Hello,

I have tried to push a projet developed with Laravel 12 / VueJS 3 / no starter kit and as soon as I call /sanctum/csrf-cookie, I get an Internal Server Error.

All works fine locally.

To understand what's wrong, I have activated the debug on the production server, just to see what happens.

When I have a look at the development tools / network tab, I see ... hmmm ... Internal Server Error in an HTML page ... and nothing in the logs.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request

How is it possible to see the real error in place of the HTML page, like it does in local dev ?

What do I have forgotten ?

Is there something specific to do with Laravel 12 ?

I never had this problem before.

Thanks for your help.

V

0 likes
5 replies
JussiMannisto's avatar

To understand what's wrong, I have activated the debug on the production server, just to see what happens.

This is dangerous as the Ignition page may leak sensitive information. Read the bolded part of the second paragraph here.

How is it possible to see the real error in place of the HTML page, like it does in local dev ?

The page should never be used in production. If there's nothing in Laravel's log files, then maybe the framework fails to boot and you need to check the web server's log files.

1 like
vincent15000's avatar

@JussiMannisto I know this, thanks ;).

I just wanted to check something, it's a personal project and it was just to test Laravel 12 with VueJS3.

JussiMannisto's avatar

@vincent15000 Have you checked that the storage directory, along with its files and subdirectories, have the correct owner (e.g. www-data) with write permissions? If there's an error and the web server can't write an error log entry, you'll get a 500 without a trace.

1 like
vincent15000's avatar

@JussiMannisto It's ok with the rights, I got some entries in the logs for other reasons. But nothing related to the g/sanctum/csrf-token route.

What's strange is that it works fine locally and not on the webhosting.

The VueJS home page displays correctly.

So I think that there is probably something wrong with my fortify / sanctum / session configuration.

But what ?

vincent15000's avatar
vincent15000
OP
1 year ago
Best Answer
Level 63

@JussiMannisto I have found ... it was related to the Apache configuration (the webhosting has only an Apache webserver, and the RewriteBase / line is missing from the standard configuration given by Laravel.

Please or to participate in this conversation.