Home > Enterprise >  419 Page Expired In Laravel Even after adding CSRF token
419 Page Expired In Laravel Even after adding CSRF token

Time:03-20

I am working on a Laravel 8 Framework, I have added the application on the live Cpanel server and then it started showing below Error:

419 PAGE EXPIRED

I know generally missing CSRF token will be the main issue but in this, I have added the CSRF token, I am using LARAVEl blade syntax so adding LARAVEL blade form syntax the "Token" (CSRF) will get added directly.

 {{ Form::open( [ "url" => \URL::route("front.login.check"), "autocomplete"=>false,"id" => "login_form" ] ) }}

This will add the CSRF automatically, I have tried adding directly, But every POST request end up on the 419 PAGE EXPIRED page.

What do I have checked already?

  • CSRF Token Is not missing in the Form
  • I have checked middleware also but this request did not reach the middleware after form submit it will take to the 419 page
  • Also try to php artisan cache:clear and dump-autoload command but the issue is still.
  • Added 755 permission to storage, vendor and cache folder also.

Please help me on this What next should I need to check for solve this issue?

CodePudding user response:

1- php artisan route:clear

2- go to CSRF middleware and try to add "*" to your except array

CodePudding user response:

Laravel "419 Page Expired" Error Troubleshooting Steps

.env file contents applying the above 3 steps.

Change myapp.local to your application domain.

APP_URL="http://myapp.local"
SESSION_LIFETIME=1440
SESSION_DOMAIN=myapp.local
SESSION_SECURE_COOKIE=false
  • Make sure you submit a CSRF token along with you (PUT/POST/DELETE/etc.) HTTP requests. (I.e: <input type="hidden" name="_token" value="{{ csrf_token() }}" />).
  • Regenerate your application key automatically. (I.e: php artisan key:generate).
  • Clear your application cache. (I.e: php artisan cache:clear).
  • Confirm that the application caller has read & write permissions in the application's "sessions" & "cache" folder. (I.e: chmod -R 755 "storage/framework/sessions" && chmod -R 755 "bootstrap/cache").

Addendum 1:

  • If in case you have Laravel Sanctum installed and enabled, add your application domain among the whitelist of "sanctum stateful domains".

.env file contents

Change myapp.local to your application domain.

SANCTUM_STATEFUL_DOMAINS="myapp.local"

Addendum 2:

.env file contents

SESSION_DRIVER=file

Addendum 3:

  • Disable the browser cache. This may be beneficial during your development process.
  • Open your browser, navigate to your application's home page, reload the current page, ignoring cached content. (I.e: On Windows: Shift F5 or Ctrl Shift r and on Mac: ⌘ Shift r).
  • Related