1

I pass a route in laravel which is called by a function in JS and I have no control of it because it is external, this route is a post method since I need it to be that way but it generates me a MethodNotAllowedHttpException as I do to exclude certain routes of this validation.

Note: I have already tried adding it in VerifyCsrfToken in its exception vector, modifying that class file VerifyCsrfToken extends Middleware to a new file called class VerifyCsrfToken extends BaseVerifier with all its dependencies and I have also disabled the validations in the Middleware but none of them works for me

Ilya Yaremchuk
  • 2,007
  • 2
  • 19
  • 36
Mhurtado
  • 13
  • 5
  • Can you please show us your ajax request code ? – Faraz Irfan Mar 01 '18 at 14:31
  • I do not do an ajax is a function JS external to my code, which makes the call to that route, of which I have no control over the call – Mhurtado Mar 01 '18 at 14:39
  • seems like your JS function is sending get request to that route, its not a CSRF Token problem, instead you are messing up with get or post request, please make sure you are sending post request and your route accepting post request. – Faraz Irfan Mar 01 '18 at 14:43
  • not because it is an integration, and the document explicitly says that it is a post method – Mhurtado Mar 01 '18 at 14:56

2 Answers2

0

From the docs:

You should place these kinds of routes outside of the web middleware group that the RouteServiceProvider applies to all routes in the routes/web.php file. However, you may also exclude the routes by adding their URIs to the $except property of the VerifyCsrfToken middleware:

protected $except = [
    'your/route/*',
];
Alexey Mezenin
  • 158,981
  • 26
  • 290
  • 279
  • I did this protected $except = [ 'autentificacion']; but it still does not work – Mhurtado Mar 01 '18 at 13:54
  • add it like this `protected $except = [' public/autentificacion*' ];` – Tahir Raza Mar 01 '18 at 13:58
  • @Mhurtado you need to [setup web server](https://stackoverflow.com/a/37507278/1227923) to get rid of `public` – Alexey Mezenin Mar 01 '18 at 14:01
  • it does not work yet the error is given to me in this part of the code protected function methodNotAllowed (array $ others) { throw new MethodNotAllowedHttpException ($ others); } on line 253-256 in the file C: \ xampp \ htdocs \ resexdev \ vendor \ laravel \ framework \ src \ Illuminate \ Routing \ RouteCollection.php and says No message – Mhurtado Mar 01 '18 at 14:03
0

For this you have to add the URI of the route inside protected $except. For example if you URL is www.example.com/full/route/ you have to add

protected $except = [
    '/full/route/*',
];

Seems like you're adding route name but not the URI.

Tahir Raza
  • 726
  • 1
  • 7
  • 20