21 lines
528 B
PHP
21 lines
528 B
PHP
<?php
|
|
namespace App\Http\Middleware;
|
|
|
|
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
|
|
|
|
class VerifyCsrfToken extends Middleware
|
|
{
|
|
/**
|
|
* The URIs that should be excluded from CSRF verification.
|
|
* Add legacy endpoints that post from old JS which don't include tokens.
|
|
*
|
|
* @var array<int, string>
|
|
*/
|
|
protected $except = [
|
|
'chat_post',
|
|
'chat_post/*',
|
|
'api/art/*/view',
|
|
// Apple Sign In removed — no special CSRF exception required
|
|
];
|
|
}
|