David A. Windham
david
/
laravel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Remove manual adding of X-CSRF-TOKEN header (#5083)

This is unnessecery code because Axios already automatically adds
a X-XSRF-TOKEN header from the XSRF-TOKEN cookie encrypted value on
same-origin requests. The `VerifyCsrfToken` middleware and Passport's
`TokenGuard` already allow using the `X-XSRF-TOKEN` header.
Jess Archer 5 years ago
parent
b84bcc6446
commit
aa74fcb38f
1 changed files with 0 additions and 14 deletions
Split View Show Diff Stats
  1. 0 14
      resources/js/bootstrap.js

+ 0 - 14
resources/js/bootstrap.js
View File 

@@ -23,20 +23,6 @@ window.axios = require('axios');
 
 
 window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
 
 
-/**
 
- * Next we will register the CSRF Token as a common header with Axios so that
 
- * all outgoing HTTP requests automatically have it attached. This is just
 
- * a simple convenience so we don't have to attach every token manually.
 
- */
 
-
 
-let token = document.head.querySelector('meta[name="csrf-token"]');
 
-
 
-if (token) {
 
-    window.axios.defaults.headers.common['X-CSRF-TOKEN'] = token.content;
 
-} else {
 
-    console.error('CSRF token not found: https://laravel.com/docs/csrf#csrf-x-csrf-token');
 
-}
 
-
 
 /**
 
  * Echo exposes an expressive API for subscribing to channels and listening
 
  * for events that are broadcast by Laravel. Echo and event broadcasting