AWS Cloudfront causing CSRF Token Mismatch Exception

Question

Alright hello, I have deployed my Laravel app on AWS ELB and I set up Cloudfront distribution for my app. Now I am facing CSRF Token mismatch. I know that this error can be caused by multiple config values that may be wrong. Now I have managed to fix this issue by myself in the past, but it was a long time ago and I don't know what I did and where. So if you have some tips on what could be wrong and where, then definitely send them my way. Thanks

EDIT: The exception happens after switching to Cloudfront. My problem is to get it working with Cloudfront.

Answer 1

• Edit your distribution, select Behaviors tab and then create behavior
• select your Origin
• On Origin request policy - optional click on Create origin request policy
• Name your request policy and choose ALL in cookies drop down
• click create and return to Behavior creation
• Select the created Origin request policy
• Save changes

Answer 2

So the problem was with forwarding of cookies, especially the XSRF_TOKEN cookie. Cookies aren't forwarded by default through the cloudfront, you have to set up a whitelist to do that. Just edit the cloudfront distribution it's in Behaviours section. Another cookies to consider forwarding are laravel_session if you use cookie sessions and remember_* if you use remember login feature.