Скачать или смотреть Resolving CSRF Token Mismatch Issues with AJAX in Laravel

Learn how to fix the `CSRF token mismatch` error when moving JavaScript code from a Laravel view to an external JS file by following these easy steps.
---
This video is based on the question https://stackoverflow.com/q/65719850/ asked by the user 'self self' ( https://stackoverflow.com/u/14116375/ ) and on the answer https://stackoverflow.com/a/65719950/ provided by the user 'David' ( https://stackoverflow.com/u/328193/ ) at 'Stack Overflow' website. Thanks to these great users and Stackexchange community for their contributions.

Visit these links for original content and any more details, such as alternate solutions, latest updates/developments on topic, comments, revision history etc. For example, the original title of the Question was: Ajax does not work when it is in a js page in laravel

Also, Content (except music) licensed under CC BY-SA https://meta.stackexchange.com/help/l...
The original Question post is licensed under the 'CC BY-SA 4.0' ( https://creativecommons.org/licenses/... ) license, and the original Answer post is licensed under the 'CC BY-SA 4.0' ( https://creativecommons.org/licenses/... ) license.

If anything seems off to you, please feel free to write me at vlogize [AT] gmail [DOT] com.
---
Troubleshooting AJAX Issues in Laravel: CSRF Token Mismatch Error

If you are working with Laravel and AJAX, you may run into some issues when trying to refactor your JavaScript code into an external file. A common problem developers face is the infamous CSRF token mismatch error that emerges when moving your AJAX functionality. This post will guide you through the process of solving this issue effectively!

Understanding the Problem

In a scenario where you have an AJAX request set up in a Laravel view, you might be using a code snippet similar to this:

[[See Video to Reveal this Text or Code Snippet]]

This code works perfectly within a Laravel view. However, when you attempt to move it into an external JS file and load it using a <link> element like this:

[[See Video to Reveal this Text or Code Snippet]]

You might encounter the dreaded CSRF token mismatch error. Let’s dive into the explanations and solutions.

The Issue at Hand

Incorrect Tag Usage:

The <link> tag is meant for CSS files, not JavaScript. Loading your JS file using a <link> will often lead to unexpected behavior. Instead, use the correct <script> tag.

Here’s the correct way to include your JavaScript file:

[[See Video to Reveal this Text or Code Snippet]]

Static CSRF Token:

The placeholder {{ csrf_token() }} in your JS file does not get replaced with the actual CSRF token when the file is loaded as this placeholder only works in server-side rendered templates. When it's in an external JavaScript file, it remains unprocessed and is treated as a string.

Solutions to Fix the CSRF Token Mismatch

Option 1: Pass the CSRF token to the page

You can embed the CSRF token directly into your HTML before loading your JavaScript file. Put this script in the <head> section of your HTML:

[[See Video to Reveal this Text or Code Snippet]]

This way makes the token available globally for your JavaScript code. Adjust your AJAX setup as follows:

[[See Video to Reveal this Text or Code Snippet]]

Option 2: Use $.ajaxSetup directly in the page

Alternatively, you can keep the call to $.ajaxSetup in your Laravel view after loading jQuery but before any of your AJAX calls. Here’s a quick example:

[[See Video to Reveal this Text or Code Snippet]]

Conclusion

It can be a bit tricky to transition AJAX code from Laravel views to external JS files due to the handling of CSRF tokens. However, with the right understanding of how Laravel processes these tokens and by correctly linking your JavaScript files, you can bypass the CSRF token mismatch error with ease. Remember to always test your AJAX functionalities after any refactors to ensure everything works as expected!

Happy coding!