Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
csrf-token error after i declare it in the form
TokenMismatchException in VerifyCsrfToken.php line 53:
<input type="hidden" name="_token" id="csrf-token" value="{{ Session::token() }}" />
Anyone experience this in Laravel 5.1 or is there a better way?
I generally use
<input type="hidden" name="_token" id="_token" value="{!! $csrf_token !!}}" />
However I do notice that in 5.1 you can now do
{!! csrf_field() !!}
Seems like that will do the whole kit and kaboodle for that.
I'm not that experienced in Laravel yet but I've been using the tokens in Bootstrap Modal forms with great success since L5.
Thanks @Gorby i'm still experiencing the same thing, the truth is that the token is not changing on page refresh.. can't figure out the cause
I doubt this will be it, but I went down a rabbit hole this afternoon with the token, took me nearly an hour when I realized because I had cut'n'pasted some hidden fields from the token, I had three all with the same name (_token) I had just changed the "id" not the "name"! DOH! #beginner
if you want to do it on a ajax post request, just
$.ajax(
{
url: xxxxx/yyyyyy,
type: "POST",
data: { param1: data , _token: '{!! csrf_token() !!}' },
dataType: "html",
After hours of research, I could fix the problem by simply adding the domain in: config/session.php
"Session Cookie Domain"
'domain' => 'your-app-domain'
It doesn't matter if the session driver is "database or other"
Greetings!
Check this page http://laravel.com/docs/5.1/routing#csrf-x-csrf-token
Please or to participate in this conversation.