I see sometimes in logs TokenMismatchException and I noticed that this exception is thrown only for mobile users (Android, iOS) or Google Bot.
I set in meta tag csrf token and when the page is loaded I make a post ajax request. I set header in that request like that:
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
but this token is other that the one saved on the session.
Unforunately I would be able only once to reproduce this error myself on iPhone. When I loaded the page again everything was ok (even when I deleted all browser data).
Does anyone know what is wrong?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire