问题
I am using paytabs payment gateway api. In that api, a redirect url have to given, so that once the transaction is completed, the page will redirect automatically to your given redirect url. The url was a GET url but since the response of the api comes as a POST type, I was unable to use get url. To resolve that issue, I made that route a POST url but by making it post method, I am not getting any CSRF token. In the end, I get this issue.
TokenMismatchException in VerifyCsrfToken.php line 68:
Is there any way by which I could disbale CSRF token functionality for only single POST url?
--SUGGESTION TRIED-- I did this as per your suggestion
class VerifyCsrfToken extends Middleware
{
protected $except = [
'signup/complete',
];
}
and now getting
Class 'Middleware' not found
回答1:
From the docs:
Typically, you should place these kinds of routes outside of the web middleware group that the RouteServiceProvider applies to all routes in the
routes/web.phpfile. However, you may also exclude the routes by adding their URIs to the $except property of theVerifyCsrfTokenmiddleware:
class VerifyCsrfToken extends Middleware
{
protected $except = [
'stripe/*',
'http://example.com/foo/bar',
'http://example.com/foo/*',
];
}
回答2:
You can exception in csrf middleware. go to app/http/Middleware/VirefyCsrfToken.php
class VerifyCsrfToken extends BaseVerifier{
protected $except = [
'route url1',
'route url2',
]
}
回答3:
for how use localhost in your project folder /app/http/middleware/VerifyCsrfToken.php edit
protected $except = [
//
'http://localhost/blog/return_url', // your url
];
来源:https://stackoverflow.com/questions/48339630/remove-csrf-token-only-for-single-method-laravel