表单伪造和 CSRF 保护
表单提交会出现419错误
html
<form action="/task/getform" method="post">
用户名:<input type="text" name="user">
<button type="submit">提交</button>
</form>csrf_token
html
<!-- CSRF令牌保护 -->
<input type="hidden" name="_token" value="{{csrf_token()}}">
<!-- 修改提交方式 -->
<input type="hidden" name="_method" value="PUT">
<!-- 快捷方式 -->
@csrf
@method('PUT')配置白名单
php
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array<int, string>
*/
protected $except = [
'api/*'
];
}