4

This is often seen in Laravel. When a form is submitted, sometimes the application redirects to a page saying:

The page has expired due to inactivity.

Please refresh and try again.

I know that this is a security mechanism in Laravel against CSRF. How can it be prevented from displaying since this may not be appropriate when application is deployed in production server.

Community
  • 1
  • 1
Birendra Gurung
  • 2,168
  • 2
  • 16
  • 29
  • Possible duplicate of ["The page has expired due to inactivity" - Laravel 5.5](https://stackoverflow.com/questions/46141705/the-page-has-expired-due-to-inactivity-laravel-5-5) – Daniel Apr 16 '18 at 19:35
  • In your middleware folder, there is a file named `VerifyCsrfTocken.php`. There you just need to add to the array `$except` the routes you dont want to be secured with a csrf token – Luis felipe De jesus Munoz Apr 16 '18 at 19:36

1 Answers1

7

It's the 419.blade.php template that is being resolved.

If you want to change the message, you can make this file in views/errors/419.blade.php

If you want to capture the exception and perform your own actions against it, you can use the App\Exceptions\Handler.php and specifically capture $e instanceof TokenMismatchException.

Then within that conditional you can choose what action to take.

Ohgodwhy
  • 49,779
  • 11
  • 80
  • 110