Level 50
Have a look at the docs on csrf for how to disable it on your route.
Apr 2, 2017
5
Level 1
Post request from another domain results TokenMismatchException
I'm working with a bank api. The bank send a post request to my website but does not return there is not a token field is their request and I am faced with TokenMismatchException. How can I fix this problem?
Level 1
@ohffs Thank you. Is it cause problems in terms of security?
Level 50
I guess just be a bit more careful with that route - you're pretty much letting anyone in the world send a POST request to it. Depends if you can limit access in some other way - but you'll have to look into that for your app & the bank.
1 like
Level 1
@ohffs One more thing, how can i except a route that has parameter. for example:
protected $except = [
'new-order/{orderId}/after-payment'
];
Level 50
The docs show using the * to match any sub-route. Like new-order/*.
1 like
Please or to participate in this conversation.