- CSRF attacks are a type of attack in which unauthorized commands are performed on behalf of an authorized user.
- Laravel provides an easy method to block CSRF attacks.
- You should include a CSRF field inside the HTML form. Any HTML form that uses the POST, PUT or DELETE method should include the CSRF token.
- The Laravel application will automatically generate a CSRF token for each active session managed by the application.
<form method="POST" action="/post_function">
{{ csrf_field() }}
...
...
</form>
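
The check that the hidden field makes possible, as an added plain-PHP example (not code from the original notes and not Laravel's source). The function names are hypothetical and the sample requests are constructed; `_token` is the field name that `csrf_field()` emits.

```php
<?php
// Added illustration: a plain-PHP sketch of per-session CSRF token checking.
// Function names are hypothetical; this is not Laravel's source code.

// Return the session's token, creating it on first use.
function session_csrf_token(array &$session): string
{
    if (!isset($session['_token'])) {
        $session['_token'] = bin2hex(random_bytes(20)); // 40 hex chars, unpredictable
    }
    return $session['_token'];
}

// Decide whether a request may proceed.
function csrf_check(string $method, array $input, array &$session): bool
{
    // Read-only methods do not change state and are not checked.
    if (in_array(strtoupper($method), ['GET', 'HEAD', 'OPTIONS'], true)) {
        return true;
    }
    $submitted = $input['_token'] ?? null;
    // Reject missing or non-string values before comparing.
    if (!is_string($submitted) || $submitted === '') {
        return false;
    }
    // hash_equals compares in constant time so timing does not leak the token.
    return hash_equals(session_csrf_token($session), $submitted);
}

// Constructed sample data: one session and three requests against it.
$session = [];
$token = session_csrf_token($session);

$requests = [
    'form rendered by the app'       => ['POST', ['_token' => $token, 'title' => 'hello']],
    'cross-site form, no token'      => ['POST', ['title' => 'hello']],
    'cross-site form, guessed token' => ['DELETE', ['_token' => str_repeat('0', 40)]],
];

foreach ($requests as $label => [$method, $input]) {
    $ok = csrf_check($method, $input, $session);
    // Laravel answers a failed check with HTTP 419; here we only print the verdict.
    printf("%-32s %-6s %s\n", $label, $method, $ok ? 'accepted' : 'rejected');
}
```

Only the first request is accepted: a page on another site can make the browser send the session cookie, but it cannot read the token stored in that session.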