Why I obtain this exception when I try to handle an AJAX request with a Laravel controller method?

Question

I am absolutely new in PHP and Laravel and I have the following problem.

From my view I perform an AJAX POST request via JQuery, by this code:

jQuery.ajax({
  url: '/doSearch',
  type: 'POST',
  dataType: 'json',
  //data: $form.serialize(),
  success: function(data){
   console.info('ssssssssssiiii',data);
     },
     error: function(data, b){
   console.info('erroreeeeee');
     }
 });

This POST request is handled by this simple controller method:

public function doSearch(){
    echo 'SEARCHED';
}

that have to return the view the SEARCHED string.

The problem is that I am obtaining this error message:

http://localhost:8000/doSearch 500 (Internal Server Error)

that is create by this exception casauted by a TokenMismatchException, in the Laravel stackrace I can see something like this:

in VerifyCsrfToken.php line 68
at VerifyCsrfToken->handle(object(Request), object(Closure)) in Pipeline.php line 137
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in Pipeline.php line 33
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in ShareErrorsFromSession.php line 49
at ShareErrorsFromSession->handle(object(Request), object(Closure)) in Pipeline.php line 137
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in Pipeline.php line 33
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in StartSession.php line 64
at StartSession->handle(object(Request), object(Closure)) in Pipeline.php line 137
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in Pipeline.php line 33
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure)) in Pipeline.php line 137
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in Pipeline.php line 33
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in EncryptCookies.php line 59
at EncryptCookies->handle(object(Request), object(Closure)) in Pipeline.php line 137
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in Pipeline.php line 33
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in Pipeline.php line 104
at Pipeline->then(object(Closure)) in Router.php line 644
at Router->runRouteWithinStack(object(Route), object(Request)) in Router.php line 618
at Router->dispatchToRoute(object(Request)) in Router.php line 596
at Router->dispatch(object(Request)) in Kernel.php line 267
at Kernel->Illuminate\Foundation\Http\{closure}(object(Request)) in Pipeline.php line 53
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in CheckForMaintenanceMode.php line 46
at CheckForMaintenanceMode->handle(object(Request), object(Closure)) in Pipeline.php line 137
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in Pipeline.php line 33
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in Pipeline.php line 104
at Pipeline->then(object(Closure)) in Kernel.php line 149
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 116
at Kernel->handle(object(Request)) in index.php line 54
at require_once('C:\xampp\htdocs\www.betrivius.it\application\public\index.php') in server.php line 21

What could be the problem? How can I solve this issue?

Answer 1

You should setup token for Ajax requests. Put this in the main layout:

<meta name="csrf-token" content="{{ csrf_token() }}">

And execute this JS code with each request:

$.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});

Answer 2

you need to attach csrf-token to your ajax request...Here is link

To add one you can use csrf_token() method which will automatically create a hidden field named '_token' with its value set to 'token' then in ajax you can use its value.

eg. in html within you form you need to add:

{{csrf_token()}}

and in ajax:

jQuery.ajax({
  url: '/doSearch',
  type: 'POST',
  dataType: 'json',
  //data: $form.serialize(),
  success: function(data){
   console.info('ssssssssssiiii',data);
     },
     error: function(data, b){
   console.info('erroreeeeee');
     },
   beforeSend:function(xhr){
      xhr.setRequestHeader('X-CSRF-TOKEN',$('_token').val());
   }
 });

Answer 3

If your are coding into a .php page instead of a .html page

Try this:

<meta name="csrf-token" content="<?php echo csrf_token(); ?>">

instead:

<meta name="csrf-token" content="{{ csrf_token() }}">

It works for me.