
martinszeltins

Getting CSRF token mismatch with cURL POST request

I can't understand what is happening here. When I make a POST request using Postman it works! But when I try to do a cURL POST request from a route then it gives me this error:

CSRF token mismatch /Middleware/VerifyCsrfToken.php#82

Here is my VerifyCsrfToken:

    protected $except = [
        'https://log.mywebsite.com/*',
    ];

Here is my cURL request:

    Route::get('test', function (Illuminate\Http\Request $request)
    {
        $endpoint_url = 'https://log.mywebsite.com/';

        $data_to_post = ['log_message' => 'foo'];

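        $options = [
            CURLOPT_URL            => $endpoint_url,
            CURLOPT_POST           => true,
            CURLOPT_POSTFIELDS     => $data_to_post,
            // Return the response body from curl_exec() instead of printing it
            CURLOPT_RETURNTRANSFER => true,
        ];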

        $curl = curl_init();
        curl_setopt_array($curl, $options);
        $results = curl_exec($curl);
        curl_close($curl);

        return response()->json($results);
    });

What is happening? I'm so confused... Why does it work with Postman but not from my route?

martinszeltins

Well, it looks like Postman is adding an X-CSRF token in headers for some reason...

martinszeltins (OP, Best Answer)

Ahh! I found the problem! I had to remove the trailing slash from my CSRF except.

Instead of this

'https://log.mywebsite.com/*',

I replaced it with this and it worked!

'https://log.mywebsite.com*',
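Why the two patterns behave differently, as an added example that is not part of the original thread and is not Laravel's own code. It assumes the framework strips the trailing slash from the request URL and treats `*` in an `$except` entry as a wildcard; `normalizedUrl()` and `matchesPattern()` are hypothetical helpers, and the URLs are constructed samples.

```php
<?php
// Added illustration: a simplified model of wildcard matching for CSRF
// exceptions. Assumption: the request URL is compared with its trailing
// slash removed, and "*" in the pattern matches any run of characters.

function normalizedUrl(string $url): string
{
    // "https://log.mywebsite.com/" becomes "https://log.mywebsite.com"
    return rtrim($url, '/');
}

function matchesPattern(string $pattern, string $url): bool
{
    // Slashes around the pattern are trimmed, except for the bare root "/"
    $pattern = $pattern === '/' ? $pattern : trim($pattern, '/');

    // Escape regex metacharacters, then turn the escaped "*" into ".*"
    $regex = str_replace('\*', '.*', preg_quote($pattern, '#'));

    return preg_match('#^' . $regex . '\z#u', normalizedUrl($url)) === 1;
}

$patterns = [
    'https://log.mywebsite.com/*', // original entry from the thread
    'https://log.mywebsite.com*',  // entry from the accepted answer
    'https://log.mywebsite.com',   // exact root only
];

// Constructed sample URLs
$urls = [
    'https://log.mywebsite.com/',               // the POST target in the thread
    'https://log.mywebsite.com/entries',        // a sub-path
    'https://log.mywebsite.com.example.test/x', // different host, same prefix
];

foreach ($patterns as $pattern) {
    foreach ($urls as $url) {
        $verdict = matchesPattern($pattern, $url) ? 'exempt' : 'CSRF checked';
        printf("%-30s %-42s %s\n", $pattern, $url, $verdict);
    }
}
```

The `/*` entry never covers the bare root because the normalized URL has no slash left to match, while the slashless wildcard is a plain prefix match that also covers any host name beginning with the same characters. Listing the exact root and the `/*` entry as two separate patterns exempts the root and its sub-paths without that prefix match.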
