laravel 5 5 The page has expired due to inactivity Please refresh and try again

Question

I m new with Laravel and I have a problem which I don t understand  I have   log form in my project and my method is POST  When I try a request the result is        The page has expired due to inactivity  Please refresh and try   again     But if I change the method to GET  It works fine    Can someone tell me why is that and how to fix it  because of course I need  POST method

User · Answer

In my case  it seems to be an issue in my web browser  Firefox for Android  or my smartphone with full storage  In another browsers and devices it works  By the way  the issue happens only when I send files through the form  I realized I currently can t upload files from my smartphone through this browser in any websites like https   filebin net

User · Answer

In my case the same problem was caused because I forgot to add  gt  at the end of my hidden input field  like so   lt input type  hidden  name   token  value     Session  token         So  I fixed it by adding it    lt input type  hidden  name   token  value     Session  token       gt

User · Answer

Still anyone have this problem  use following code inside your form as below    echo   lt input type    hidden  name     token  value       csrf token       gt

User · Answer

This happens because you are using the default CSRV middleware from Laravel s installation  To solve  remove this line from your Kernel php    App Http Middleware VerifyCsrfToken  class    This is fine if you are build an API  However  if you are building a website this is a security verification  so be aware of its risks

User · Answer

Anytime you define an HTML form in your application  you should include a hidden CSRF token field in the form so that the CSRF protection middleware can validate the request  You may use the csrf field helper to generate the token field    lt form method  POST  action   profile  gt         csrf field               lt  form gt    It doesn t work  then Refresh the browser cache and now it might work    For more details open link   - CSRF Protection in Laravel 5 5  UPDATE   With Laravel 5 6 using Blades templates  it s pretty easy    lt form method  POST  action   profile  gt       csrf          lt  form gt    For more details open link  - CSRF Protection in Laravel 5 6

User · Answer

I recently went through this problem  tried all the solutions proposed here  and the internet  without success for 5 days   In my case my environment   Laravel  5 5  PHP  7 2  SSL  production  Apache  CENTOS  The problem is that I had automated the deployment using the git --bare repository with ansimble   And all folders when pushing were with permission 0775  inherited from the git user   When ansinble was run it replicated this permission to all folders  When composing install for example  all vendor folders also had this permission   The csrf  has a policy of blocking what is considered insecure  especially if you use an encrypted environment  SSL    I only realized the problem when I decided to carry out the deployment manually  zipped the project  uploaded it  unzipped it and ran the commands to generate the caches and dependencies  And then I realized that this way all folders were with permission 0755  inherited from the system user   And this is the default permission that is considered safe

User · Answer

I know this question has been satisfactorily answered  but I wanted to mention a fix that worked in my case  I added    csrf field      and it still didn t work    Then I remembered that I blocked all cookies for development purposes  which can be nice when you change the page and want to refresh it   Once I changed the settings to stop blocking all cookies in MS Edge browser the problem went away

User · Answer

Tried different solutions to solve the problem for several weeks without success   The problem I was facing was caused by upgrading from laravel 5 0 to 5 5 and forgot to update config session php  If anyone is facing the problem  try to update the config session php to match the version on Laravel you are running

User · Answer

my problem solved by just adding  csrf in form tag  Laravel 5 6 doesn t support    csrf field      just add  csrf in place of    csrf field       larvel fix error png

User · Answer

We got it working by copying the routes from Router php instead of using Auth  routes    these are the routes you need   Route  get  login    Auth LoginController showLoginForm  - gt name  login    Route  post  login    Auth LoginController login    Route  post  logout    Auth LoginController logout  - gt name  logout        Registration Routes    Route  get  register    Auth RegisterController showRegistrationForm  - gt name  register    Route  post  register    Auth RegisterController register        Password Reset Routes    Route  get  password reset    Auth ForgotPasswordController showLinkRequestForm  - gt name  password request    Route  post  password email    Auth ForgotPasswordController sendResetLinkEmail  - gt name  password email    Route  get  password reset  token     Auth ResetPasswordController showResetForm  - gt name  password reset    Route  post  password reset    Auth ResetPasswordController reset

User · Answer

If you have already included the CSRF token in your form  Then you are getting the error page possibly because of cache data in your form    Open your terminal command prompt and run these commands in your project root    php artisan cache clear   php artisan config clear    php artisan route clear    php artisan view clear    Also try to clear the browser cache along with running these commands

User · Answer

Just place this code inside the form    lt input type    hidden  name     token  value     lt  php echo csrf token     gt     gt

User · Answer

First  include csrf in your form      csrf field        if the problem didn t solve  then use ob start    at the very start of index php    lt  php ob start

User · Answer

In my case   I added ob start    at the top of my index php on server and everything seems to be working fine

User · Answer

It may be csrf token do not have in your form  You have to use  crsf or    csrf field      If you are use csrf on your form  It may be cache  Clear your app cache   php artisan cache clear php artisan view clear php artisan cache clear   And clear your browser cache  If errors again show you  then create a new key  php artisan key generate

User · Answer

if your config is set  SESSION DRIVER file you have to check if your session directory is writable  Check storage framework session

User · Answer

Place   csrf field     Into your form tag

User · Answer

if you need to change form action with Javascript you will have the same problem   1 first you need to use  instead of    Form  open           close       in laravel  2 second you most begin your action with https   www example com  your Route  Do not Forget www in your url

User · Answer

i had same problem  use  clear browsing data  in chrome  maybe solve your problem

User · Answer

I had the same problem  I have tried many solutions  but none worked for me  then I found out that for some reason I was using this in my  env file   SESSION DOMAIN  myapp me  and as soon as I put it back to null  everything worked just fine

User · Answer

Excluding URIs From CSRF Protection   Sometimes you may wish to exclude a set of URIs from CSRF protection  For example  if you are using Stripe to process payments and are utilizing their webhook system  you will need to exclude your Stripe webhook handler route from CSRF protection since Stripe will not know what CSRF token to send to your routes   Typically  you should place these kinds of routes outside of the web middleware group that the  RouteServiceProvider applies to all routes in the routes web php file  However  you may also exclude the routes by adding their URIs to the  except property of the VerifyCsrfToken middleware    lt  php  namespace App Http Middleware   use Illuminate Foundation Http Middleware VerifyCsrfToken as Middleware   class VerifyCsrfToken extends Middleware                  The URIs that should be excluded from CSRF verification                 var array             protected  except              stripe              http   example com foo bar            http   example com foo

User · Answer

I was facing the same error so i just removed this line from my  env file  SESSION DRIVER yourwebsite com

User · Answer

It s Funny  but it works for me  i realised this is Caused because of default HTML TAG in laravel code   Use            or    -- --    instead  Or Try to Remove Recently Html Coment in you code    Or change Html Comment to Php Comment    Or try to run Any Worng artisan command like  php artisan clean browser And See if it output any HTML Commented data along with it error

User · Answer

In my case  I ve got the same error message and then figured out that I ve missed to add csrf token for the form field  Then add the csrf token   Using form helper that will be      csrf field        Or without form helper that will be    lt input type  hidden  name   token  value     csrf token       gt    If that doesn t work  then-  Refresh the browser cache   and now it might work  thanks   Update For Laravel 5 6    Laravel integrates new  csrf instead of    csrf field       That looks more nice now    lt form action    gt      csrf         lt  form gt

User · Answer

Go into  App Kernel php and comment  App Http Middleware VerifyCsrfToken  class

User · Answer

This problem comes from the CSRF token verification which fails  So either you re not posting one or you re posting an incorrect one   The reason it works for GET is that for a GET route in Laravel  there is no CSRF token posted   You can either post a CSRF token in your form by calling      csrf field        Or exclude your route  NOT RECOMMENDED DUE TO SECURITY  in app Http Middleware VerifyCsrfToken php   protected  except          your route

User · Answer

Verify that your config session php file contains this line    domain    gt  env  SESSION DOMAIN   null     Then remove the SESSION DOMAIN line in your  env file

User · Answer

Just add  csrf inside your form tag   Or you can include csrf token in the header to send it with every request

User · Answer

If anyone still looking for an answer to this issue  For me it happens when I m switching between local and production server and I m logged on both sites  To fix the issue  just clear the session    just set the  expire on close    gt  true in config session php and restart your browser

User · Answer

In my case  there was  space  before  lt  php in one of my config file  This solved my issue

[php] laravel 5.5 The page has expired due to inactivity. Please refresh and try again

Examples related to php

Examples related to laravel