VerifyCsrfToken error with no status or message on line 82

In Exceptions/Handler.php i added some logic to send an email with every exception from my flow ( i added this to report method ).

In my flow i have severals forms and from time to time i get an email with an error on line 82 in file: Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php . At this line is this "throw new TokenMismatchException ".

After reading some questions & answers i added csrf token to my forms.

The thing is i can't reproduce this error and the exception doesn't have any error code or message.

Beside that, in laravel.log there's no error about csrf.

My questions are:

Is this error flow breaking? I've made the flow several times and i didn't get any error, but if this exception will be throwed when a customer is in the flow, it will break the flow ( i mean it will be redirected to an error page ) or the client will know nothing?

Why this error is not in laravel.log?

Do you have any idea what can i do to fix this error?

bobbybouwmann

6 years ago

Best Answer

Level 88

Well, this error is being ignored by default in Laravel. You can see that here: https://github.com/laravel/framework/blob/6.x/src/Illuminate/Foundation/Exceptions/Handler.php#L55-L69

This exception basically means that the session of the user has expired. Because of that, the CSRF-token is not valid anymore. If that happens you get a TokenMismatchException.

This is not really an exception in the application. This happens when for example you have a form that has been open for over 2 hours (depending on your session time). Whenever you submit after that given time, the session already has changed and therefore also the CSRF-token. You then get this exception.

Does this make any sense?

If not this might be a good read: https://laravel.com/docs/6.x/csrf

ioanandrei

6 years ago

Level 1

Yes. Thank you very much!

Please or to participate in this conversation.