/** * Add the CSRF token to the response cookies. * * @param \Illuminate\Http\Request $request * @param \Illuminate\Http\Response $response * @return \Illuminate\Http\Response */ protected function addCookieToResponse($request, $response) { if ('array' !== config('session.driver')) { return parent::addCookieToResponse($request, $response); } return $response; }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { $skip = array('login'); foreach ($skip as $key => $route) { //skip csrf check on route if ($request->is($route)) { return parent::addCookieToResponse($request, $next($request)); } } return parent::handle($request, $next); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { // Only enable CSRF on these routes: $enable_for = []; foreach ($enable_for as $route) { if ($request->is($route)) { return parent::handle($request, $next); } } return parent::addCookieToResponse($request, $next($request)); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { //tsipizic we skip saml2 functions. NO csrf token here $skip = array('saml2/acs'); foreach ($skip as $key => $route) { //skip csrf check on route if ($request->is($route)) { return parent::addCookieToResponse($request, $next($request)); } } return parent::handle($request, $next); }