Laravel 5：无需CSRF检查的POST [英] Laravel 5: POST without CSRF checking

问题描述

Laravel 5默认情况下似乎将CSRF过滤器应用于所有未获取的请求。对于表单POST来说可以，但是对于发布删除等的API可能是个问题。

It seems that Laravel 5 by default applies the CSRF filter to all non-get requests. This is OK for a form POST, but might be a problem to an API that POSTs DELETEs etc.

简单问题：

如何设置没有CSRF保护的POST路由？

How can I set a POST route with no CSRF protection?

推荐答案

转到 app /Http/Middleware/VerifyCsrfToken.php ，然后在$ except数组中输入您的路由（要禁用csrf令牌）。

Go to app/Http/Middleware/VerifyCsrfToken.php and then enter your routes(for which you want to disable csrf token) in the $except array.

例如：

class VerifyCsrfToken extends BaseVerifier
{

    protected $except = [

        '/register'

    ];
}

这篇关于Laravel 5：无需CSRF检查的POST的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！