So I'm exporting a pseudo-form (submit is never used) to an other website.
I push a meta in the HTML with the X-CSRF-TOKEN in it and a script to performs request toward my website.
When I make a first request to my website everything is OK. Even CORS leave me alone now.
But, if I do a new request, I get the gentle message from Laravel :
"message": "CSRF token mismatch."
I still use the same csrf token, I see it in my log.
So my questions are : - Do I need to send back a new csrf token with my response ? But I think it's a bit weird. - Or, what can possibly invalidate my csrf token ?
NOTE: The main idea is I need to make a lot of request during the process.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire