Skip to content

Commit

Permalink
Merge pull request #242 from TwilightDuck/patch-1
Browse files Browse the repository at this point in the history
Update CSRF documentation for Laravel 11
  • Loading branch information
Naoray authored Jul 16, 2024
2 parents 735f683 + fdb8307 commit f18b0c5
Showing 1 changed file with 8 additions and 9 deletions.
17 changes: 8 additions & 9 deletions docs/webhook.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,17 +45,16 @@ class MollieWebhookController extends Controller {

Finally, it is _strongly advised_ to disable the `VerifyCsrfToken` middleware, which is included in the `web` middleware group by default. (Out of the box, Laravel applies the `web` middleware group to all routes in `routes/web.php`.)

You can exclude URIs from the CSRF protection in the `app/Http/Middleware/VerifyCsrfToken.php` file:
You can exclude the route from the CSRF protection in your `bootstrap/app.php`:

```php
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'webhooks/mollie'
];
// bootstrap/app.php

->withMiddleware(function (Middleware $middleware) {
$middleware->validateCsrfTokens(
except: ['webhooks/mollie']
);
})
```

If this solution does not work, open an [issue](https://github.com/mollie/laravel-mollie/issues) so we can assist you.

0 comments on commit f18b0c5

Please sign in to comment.