
younesdiouri's avatar

CSRF protection - bug

Hello, I have a Laravel app in deployment. When I try from my personal computer (with clearing cache and all) to make a POST request, there is no problem. However, when I try to do it on another computer or in another browser, it generates a CSRF TokenMismatchException. I tried to clear every cache I have. Thank you very much for your further help. Jonas

0 likes
4 replies
Parasoul's avatar

Probably an error with your session config. Check the domain option.

If using file sessions, it might come from write permissions.

1 like
younesdiouri's avatar

@Parasoul Thanks for the quick reply

I looked at my storage permissions: drwxrwxrwx 6 www-data www-data 4096 Aug 9 18:09 storage

I think it's OK, isn't it?

(Some accounts can access the POST data and others can't, that's weird)

AddWebContribution's avatar

Check the points below:

  1. In .env, check that APP_URL and SESSION_DOMAIN are set correctly
  2. Check that your storage folder has the correct permissions
  3. Check that the csrf-token element renders correctly

Hope one of the above will solve this issue...
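
The session checks suggested in the replies above (APP_URL, SESSION_DOMAIN, storage permissions), as an added shell example that is not part of the original thread. The function names and the arguments are assumptions made for illustration; the cookie test follows the domain-match rule of RFC 6265 and does not special-case IP addresses.

```shell
#!/bin/sh
# Added example. Run as the web server user so the write test is meaningful,
# e.g. the www-data owner shown in the thread.

# Read KEY ($2) from a .env file ($1): last assignment wins, quotes stripped.
env_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# RFC 6265 domain-match: is a cookie with Domain=$1 accepted for host $2?
domain_matches() {
    d=${1#.}                      # browsers ignore a leading dot
    case "$2" in
        "$d"|*".$d") return 0 ;;  # same host, or a subdomain of it
        *) return 1 ;;
    esac
}

# check_laravel_session PROJECT_DIR HOST (HOST = name typed in the browser)
check_laravel_session() {
    dir=$1 host=$2 rc=0
    app_url=$(env_get "$dir/.env" APP_URL)
    sess_domain=$(env_get "$dir/.env" SESSION_DOMAIN)
    # Host part of APP_URL: strip scheme, then path, then port.
    app_host=${app_url#*://}; app_host=${app_host%%/*}; app_host=${app_host%%:*}
    [ "$app_host" = "$host" ] ||
        echo "WARN APP_URL host '$app_host' differs from browser host '$host'"
    case "$sess_domain" in
        ''|null|'(null)')         # Laravel's env() reads these as null
            echo "OK   SESSION_DOMAIN unset: cookie is host-only" ;;
        *)  if domain_matches "$sess_domain" "$host"; then
                echo "OK   SESSION_DOMAIN '$sess_domain' matches '$host'"
            else
                echo "FAIL SESSION_DOMAIN '$sess_domain' does not match '$host'"
                rc=1              # browser rejects the cookie: new session per request
            fi ;;
    esac
    sdir=$dir/storage/framework/sessions   # default path of the file driver
    if [ -d "$sdir" ] && [ -w "$sdir" ]; then
        echo "OK   $sdir is writable by $(id -un)"
    else
        echo "FAIL $sdir is missing or not writable by $(id -un)"; rc=1
    fi
    return $rc
}
```

A FAIL on the domain check means the session cookie is never stored, so every request starts a fresh session with a fresh CSRF token.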

younesdiouri's avatar

Hi @saurabh, thanks for your answer! I checked that the app_url is good (localhost). I'm on Debian 8 / VPS. My SESSION_DOMAIN is set to NULL.

My CSRF is the same before the post, but when I apply, it changes to another and generates a token mismatch exception.

Actually from other computers, it works everywhere fine with Mozilla & Chrome BUT it fails with the TOKEN mismatch with Safari and Edge.

Anyone had that kind of problem before?
