ivo/ponzi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #3118 from miclf/patch-1

Browse Source 
Prevent TokenMismatchException for HTTP OPTIONS requests
This commit is contained in:
Taylor Otwell
2014-11-06 13:10:14 -06:00
parent 10452da7b5 70d516b7ce
commit 0c3f1c967c
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
app/Http/Middleware/VerifyCsrfToken.php
View File

@@ -17,7 +17,7 @@ class VerifyCsrfToken implements Middleware {
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if ($request->method() == 'GET' || $this->tokensMatch($request)) if ($this->isReadOnly($request) || $this->tokensMatch($request))
{ {
return $next($request); return $next($request);
} }
@@ -36,4 +36,15 @@ class VerifyCsrfToken implements Middleware {
return $request->session()->token() == $request->input('_token'); return $request->session()->token() == $request->input('_token');
} }
/**
* Determine if the HTTP request uses a read verb.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function isReadOnly($request)
{
return in_array($request->method(), ['GET', 'OPTIONS']);
}
} }