I am working on a Laravel 8 Framework, I have added the application on the live Cpanel server and then it started showing below Error:

419 PAGE EXPIRED

I know generally missing CSRF token will be the main issue but in this, I have added the CSRF token, I am using LARAVEl blade syntax so adding LARAVEL blade form syntax the "Token" (CSRF) will get added directly.

 {{ Form::open( [ "url" => \URL::route("front.login.check"), "autocomplete"=>false,"id" => "login_form" ] ) }}

This will add the CSRF automatically, I have tried adding directly, But every POST request end up on the 419 PAGE EXPIRED page.

What do I have checked already?

• CSRF Token Is not missing in the Form
• I have checked middleware also but this request did not reach the middleware after form submit it will take to the 419 page
• Also try to php artisan cache:clear and dump-autoload command but the issue is still.
• Added 755 permission to storage, vendor and cache folder also.

Please help me on this What next should I need to check for solve this issue?

CodePudding user response：

1- php artisan route:clear

2- go to CSRF middleware and try to add "*" to your except array

CodePudding user response：

Laravel "419 Page Expired" Error Troubleshooting Steps

• Increase your session expiration time (I.e. 24 hours).
• Make sure that the "session domain" is the same as the "app URL".
• Ensure that the session cookies are sent back to the server for both "HTTP" & "HTTPS" browser connections.

.env file contents applying the above 3 steps.

Change myapp.local to your application domain.

APP_URL="http://myapp.local"
SESSION_LIFETIME=1440
SESSION_DOMAIN=myapp.local
SESSION_SECURE_COOKIE=false

• Make sure you submit a CSRF token along with you (PUT/POST/DELETE/etc.) HTTP requests. (I.e: <input type="hidden" name="_token" value="{{ csrf_token() }}" />).
• Regenerate your application key automatically. (I.e: php artisan key:generate).
• Clear your application cache. (I.e: php artisan cache:clear).
• Confirm that the application caller has read & write permissions in the application's "sessions" & "cache" folder. (I.e: chmod -R 755 "storage/framework/sessions" && chmod -R 755 "bootstrap/cache").

Addendum 1:

• If in case you have Laravel Sanctum installed and enabled, add your application domain among the whitelist of "sanctum stateful domains".

.env file contents

Change myapp.local to your application domain.

SANCTUM_STATEFUL_DOMAINS="myapp.local"

Addendum 2:

• Ensure that your "session driver" isn't empty. The default value is "file".

.env file contents

SESSION_DRIVER=file

Addendum 3:

• Disable the browser cache. This may be beneficial during your development process.
• Open your browser, navigate to your application's home page, reload the current page, ignoring cached content. (I.e: On Windows: Shift F5 or Ctrl Shift r and on Mac: ⌘ Shift r).