Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

saqueib's avatar

Laravel 5.4 is not setting cookies when uploaded to server

I am facing this issue since last 2 days, tried many things but not able to get it working, I am getting most annoying tokenMismatchExceptionexception.

I tried a fresh installation that works fine, so I copied vendor folder from working on to my actual app, but it didn't work. After more digging, I saw that laravel_session & XSRF-TOKEN cookies are not set in chrome dev tool.

What could be the reason, same app is working on localhost but not working on the server.

Main problem what I see it not able to set the cookies (laravel_session & XSRF-TOKEN)

Session storage is working as I can see on server storage/framework/session/ creates new file on refresh. So it's not permission error.

Alos tried by changing APP_URL & SESSION_DOMAIN, no luck.

Laravel Framework 5.4.16

Kernel Middleware

'web' => [
            \Illuminate\Session\Middleware\StartSession::class,
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
        ],

.env

    APP_ENV=local
    APP_KEY=base64:7WcmnZI8WcYQiNr9jn3JcTf//1scVAPtz2crL0bz4TE=
    APP_DEBUG=true
    APP_LOG_LEVEL=debug
    APP_URL=http://localhost
    
    DB_CONNECTION=sqlite
    
    BROADCAST_DRIVER=log
    CACHE_DRIVER=file
    SESSION_DRIVER=file
    QUEUE_DRIVER=sync

app/session.php

    return [
        'driver' => env('SESSION_DRIVER', 'file'),
        'lifetime' => 120,
        'expire_on_close' => false,
        'encrypt' => false,
        'files' => storage_path('framework/sessions'),
        'connection' => null,
        'table' => 'sessions',
        'store' => null,
        'lottery' => [2, 100],
        'cookie' => 'laravel_session',
        'path' => '/',
        'domain' => env('SESSION_DOMAIN', null),
        'secure' => env('SESSION_SECURE_COOKIE', false),
        'http_only' => true,
    ];

Same settings work on fresh install. please help guys

0 likes
11 replies
saqueib's avatar

@jlrdw I have already checked, tried it in different browser even on my mobile same error. I don't understand why the cookie is not being set.

On other hand if I did install a fresh copy it works on same server.

Is there any other settings which control cookies/session?

jlrdw's avatar

session ( SESSION_DRIVER=file) works by storing cookie.

A cookie in stored on users local machine via browser.

A session is stored in storage folder on server.

That's why I asked. Are you sure your storage folder permissions are correct. And check your session configuration ALL configuration concerning the session.

And check routes, check file names, class names, linux is case sensitive.

But you have a config off somewhere.

MortensenC's avatar
MortensenC
9 years ago
Best Answer
Level 2

I solve my problem, some of my files didn't follow the standar PSR2... http://www.php-fig.org/psr/psr-2/ (One of my files in config folder has PHP end tag "?>", and that was the reason of the error...)

1 like
monum's avatar

In my case There was an enter before <?php

in routes/web.php

1 like
sreenadhh's avatar

@monum Same in my case too. __There was an enter before <?php

in routes/web.php__

Laravel 5.7. Mac OS Mojave

2 likes
smallsuccess's avatar

it is because of the "cookie" parameter which depends on the APP_NAME by default. it seems some strange characters make it incompatible on linux.

I changed the "cookie" parameter to a hard-coded name and it worked !

Please or to participate in this conversation.