Annajwaszahro
/
MIF_E31222691
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tweaks CSRF filter.

This commit is contained in:
Taylor Otwell 2014-10-09 21:50:52 -05:00
parent e16868571b
commit 4d0de14b45
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
app/Http/Middleware/CsrfMiddleware.php
View File

@ -15,12 +15,23 @@ class CsrfMiddleware implements Middleware {
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if ($request->session()->token() != $request->input('_token')) if ($request->method == 'GET' || $this->tokensMatch($request))
{ {
throw new TokenMismatchException; return $next($request);
} }
return $next($request); throw new TokenMismatchException;
}
/**
* Determine if the session and input CSRF tokens match.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function tokensMatch($request)
{
return $request->session()->token() != $request->input('_token');
} }
} }