取消csrftoken驗證
/laravel/app/Http/Middleware/VerifyCsrfToken.php
/** * The URIs that should be excluded from CSRF verification. * * @var array */ protected $except = [ // 'myhomeland/*', ];
主動傳入_token 或 header裏有X-CSRF-TOKEN 或X-XSRF-TOKEN
/** * Get the CSRF token from the request. * * @param \Illuminate\Http\Request $request * @return string */ protected function getTokenFromRequest($request) { $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN'); if (! $token && $header = $request->header('X-XSRF-TOKEN')) { $token = $this->encrypter->decrypt($header, static::serialized()); } return $token; }