Laravel protects against
CSRFattacks by generating a
CSRF token . This
CSRF tokenis generated automatically for each user. This token - is nothing more than a random string that is manipulated by the Laravel application to validate custom requests.
How to use:this CSRF token protection can be applied to any HTML form in the Laravel application by specifying a hidden CSRF token form field. Requests are automatically
validatedby the CSRF middleware
VerifyCsrfToken .There are three different ways to do this.
@csrf csrf_field() csrf_token() @csrf:is a blade template directive to generate a hidden input field in an HTML form.
csrf_field(): this function can be used to create a hidden input field in an HTML form.
Note:this function must be written inside double curly braces.
csrf_token(): this function just produces a random string. This function does not generate a hidden input field.
Note:HTML input must be written explicitly. This function must be written inside double curly braces.
Output data: the output will be the same for any of the above three ways to generate a CSRF token. The CSRF token field must be written / generated at the beginning of every HTML form in any of three ways in a Laravel application. Check element output: Link: https://laravel.com/docs/6.x/csrf