-1

I have a large Laravel application (Laravel 10, PHP 8.1), recently due to a hosting issue I had to redeploy the whole thing from a backup, everything is working fine except if I need to submit any forms (which were working fine previously).

The @CSRF token is in place on the forms (and these worked fine previously). Following the steps here (419 Page Expired In Laravel Even after adding CSRF token), I have tried:

  • Double checked the APP_URL settings
  • Extended the SESSION_LIFETIME
  • Added the SESSION_DOMAIN=myapp.local to .env
  • Resetting permissions on the cache
  • Updating the application
  • Checked that the CSRF is generating the correct hidden field in the form
  • Regenerated my application key
  • Clear all the caches
  • Switched the SESSION storage from file to database
  • Completely binned my browsers cache, used incognite mode and a complete different browser.
Mr Fett
  • 7,979
  • 5
  • 20
  • 21
  • Any suggestions for things to check would be great, for example, I can see the CSRF token in the HTML (for example, but I have no idea where to check for this. Should this bein the sessions table in the database? – Mr Fett Jul 06 '23 at 13:29
  • Seems like you have tried most of the recommended things. Can you try to php artisan view:clear ? – Kevin Jul 06 '23 at 13:34
  • Thanks Kevin, alas tried that too. Much to my great shame, I didn't notice that for some reason, even though I logged in with https, the user is redirected to a http version fo the site once logged in!!! – Mr Fett Jul 06 '23 at 13:45
  • 1
    Nice to see you solved it, small stuff like these can eat up a lot of time heh – Kevin Jul 06 '23 at 13:48

1 Answers1

0

This might help someone else, this was my own lack of attention to detail. For some reason on redeploying, users were being directed to a http version of the site (even though they logged in to the https version and the .ENV file and everything I can find say https). Going to diagnose this new problem.

Mr Fett
  • 7,979
  • 5
  • 20
  • 21