Featherwebs

Use CSRF Protection

Cross-Site Request Forgery (CSRF) attacks occur when a malicious website or script causes a logged-in user's browser to perform an action on another website without the user's knowledge or consent. To protect your Laravel application from CSRF attacks, you should enable CSRF protection.

Laravel includes CSRF protection middleware by default, which checks the CSRF token sent with HTML forms and AJAX requests. To enable CSRF protection, add the VerifyCsrfToken middleware to the $middleware array in app/Http/Kernel.php:

protected $middleware = [
    // ...
    \Illuminate\Foundation\Http\Middleware\VerifyCsrfToken::class,
];

Once CSRF protection is enabled, you should include a CSRF token in all forms and AJAX requests in your application. You can do this using the @csrf Blade directive or the csrf_token() function.