Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Delete window.Laravel.csrfToken for Laravel#4260 #19135

Merged
merged 1 commit into from
May 10, 2017
Merged

Delete window.Laravel.csrfToken for Laravel#4260 #19135

merged 1 commit into from
May 10, 2017

Conversation

DrowningElysium
Copy link
Contributor

If PR laravel/laravel#4260 is accepted we will no longer need window.Laravel

If PR laravel/laravel#4260 is accepted we will no longer need window.Laravel
Copy link
Contributor

@arcanedev-maroc arcanedev-maroc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to replace it with:

<meta name="csrf-token" content="{{ csrf_token() }}">

UPDATE: See the comment below

@fernandobandeira
Copy link
Contributor

@arcanedev-maroc Actually the meta is already there so he only need to remove it.

@arcanedev-maroc
Copy link
Contributor

You're right @fernandobandeira, i didn't view the whole file 😄

@taylorotwell taylorotwell merged commit 020b783 into laravel:5.4 May 10, 2017
@devcircus
Copy link
Contributor

devcircus commented May 10, 2017

The entire layout file is just boilerplate to help you get started. This snippet was very useful as I use it in practically every app I work on. I always need to add a few more items.

Seems much easier to delete it if you don't want it than to add it...

@DrowningElysium
Copy link
Contributor Author

@devcircus It seemed to me like it was added with not really a good reason behind it, also the docs are telling us to add it as meta but doesn't tell us to add that script part, so why not just make the script take it from the meta tag directly instead?

@devcircus
Copy link
Contributor

It makes sense, and I've wondered why it was added as well.

Laravel Spark actually uses window.Spark for the csrf token instead of the meta tag:

// from spark-bootstrap.js

window.axios.defaults.headers.common = {
    'X-Requested-With': 'XMLHttpRequest',
    'X-CSRF-TOKEN': Spark.csrfToken
};

And ever since I started using Spark, I find myself using a window.MyProject in everything I build and so the snippet came in very handy.

It's nothing a sublime snippet can't handle though. :)

@OwenMelbz
Copy link
Contributor

I also see this being a pain, lots of javascript libraries pull from this namespace, and it provides a convenient place to tack on other data which can be used by JS.

Personally 🔥 this PR :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants