I just had the exact same issue and it was down to me being completely stupid. I had disabled all of the form fields (rather than just the submit button) via javascript before submitting said form! This, of course, resulted in the all the form elements not being submitted (including the hidden _token
field) which in turn brought up the 419 error!
I hope this helps someone from a few hours of head scratching!